Help with log analysis please
whenever
whatever at whoever.net
Mon Jul 30 22:27:36 PDT 2001
you are looking at apache log, they are trying to redirect from your apache server, but got a 404 (error, no such page), it happened all the time, nothing to worry about.
On Tue, Jul 31, 2001 at 05:17:42AM +0000, beesond001 at hawaii.rr.com wrote:
> To all,
> As I was going through some of my logs today I noticed something curious
> and as I began digging deeper, I began to get that sinking feeling. Now,
> I am no expert, and I would sure appreciate it if you guys could help me
> decipher this and tell me if my hunch is correct. My hunch is that the
> following IP addresses have borrowed my computer to try and visit a few
> web sites with... My other hunch is that I should have caught it sooner,
> but that is a different story...
> 65.34.103.143 - - [30/Jul/2001:01:18:11 -1000] "GET http://www.s3.com/
> HTTP/1.1" 404 301
> 61.144.144.190 - - [19/Jul/2001:00:37:47 -1000] "GET
> http://www.yahoo.com/ HTTP/1.1" 404 304
> 61.144.141.144 - - [20/Jul/2001:23:50:25 -1000] "GET
> http://www.yahoo.com/ HTTP/1.1" 404 304
> 128.132.37.68 - - [07/Jul/2001:06:42:54 -1000] "GET
> http://www.mpogd.com/gotm/ HTTP/1.1" 404 309
> Now just for grins I ran "last" and no one here was logged in at these
> times.
> Now, I have also noticed a bunch of chicanery in my logs this month, and
> it appears that my firewall has stopped all the stuff I see in
> /var/log/messages. This stuff showed up elsewhere and now I am beginning
> to feel that something a little more is up.
> What I would like is if someone could provide me some tips for figuring
> out how these log entries appeared and what I should do to plug those
> holes. I will be willing to share log files etc, but I don't wish to
> post them to the list a) in their present form, and also b) to save a
> little space on the server.
>
> Thanks in advance,
> Ben
>
> ---
> You are currently subscribed to luau as: whatever at whoever.net
> To unsubscribe send a blank email to $subst('Email.Unsub')
--
"Linux: the operating system with a CLUE... Command Line User Environment"
More information about the LUAU
mailing list