[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: reviewing httpd access log

To: misc@openbsd.org
Subject: Re: reviewing httpd access log
From: Han Boetes <han@mijncomputer.nl>
Date: Sun, 1 Aug 2004 20:36:28 +0200
Content-Disposition: inline
Mail-Followup-To: misc@openbsd.org
References: <20040801174234.GA76@kingcull.cullmail.com>
User-Agent: Mutt/1.5.6i

J Moore wrote:
> Reviewing my /var/www/logs/access_log file it seems there are a lot of
> "bogus" entries; i.e. people trying various hacks, looking for
> weaknesses, testing for win32, etc, etc.
>
> Is there a good technique for automatically identifying these trouble-
> makers? I'd like to be able to build a "deny" table for pf to halt
> repeat offendors, but I can't afford the time to review the logs
> "manually".

RedirectMatch ^.*\.(ida|exe|dll).* http://support.microsoft.com



# Han

References:
- reviewing httpd access log
  - From: J Moore <jaymo@cullmail.com>

Prev by Date: Re: reviewing httpd access log
Next by Date: [동의]최신형 디카폰 무료증정 이벤트!
Prev by thread: Re: reviewing httpd access log
Next by thread: Re: reviewing httpd access log
Index(es):
- Date
- Thread