Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Web-App-Sec
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Apache log file monitor

from [James Barkley] Network Security [Permanent Link]
Subject: Re: Apache log file monitor
Date: Sun, 17 Oct 2004 16:08:26 -0400 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On linux use webalizer for stats, logwatch for alerts, and maybe
create your own perl or shell script to look for and report specific
things (this is not as hard or time-consuming as you might think).
You can have these mailed to you via cron, but if you choose to do
that I highly reccomend you encrypt the payload via gpg.  Create a new
key and make sure the secret key has been imported as fully trusted on
both sending machine and receiving machine.  Here is a sample line to
place in your crontab.

55 23 * * * /usr/local/bin/logcheck -d today | /usr/bin/gpg -e -a
- --batch -r jane.doe@website.com | /bin/mail -s 'webserver daily'
jane.doe@website.com

- -Jim

p.s.  Create your key as 2048-bit


Chris Davis wrote:

|I occasionally see you guys talk about what appeared in your Apache
|logs the night before.  What utilities do you guys use to monitor your
|log files?
|
|Currently I run awstats to record the number of visitors and which
|pages were hit more frequently, but it doesn't log the actual URL that
|the "visitor" attempted to reach.
|
|Thanks for any help you can provide.
|
|Chris Davis
|davisfactor@gmail.com


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFBctE4BtvwQGcl/zERAkDaAJ0cLGsLGKFnduIimhDHYxkq4RfzrACeLkZ9
bjjKEhRqHSyGIhiFKo/mSVw=
=o0xe
-----END PGP SIGNATURE-----

[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Potential XSS errors when using information from HTTP requests, V.Benjamin Livshits
Next by Date:  Re: Web Attack Data - Apache, richardw
Previous by Thread:  Re: Apache log file monitor, Joseph Miller
Next by Thread:  Re: Apache log file monitor, forward
Indexes:  [Date] [Thread] [Top] [All Lists]