[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: reviewing httpd access log

To: J Moore <jaymo@cullmail.com>
Subject: Re: reviewing httpd access log
From: Artur Grabowski <art@blahonga.org>
Date: 02 Aug 2004 08:24:43 +0200
Cc: misc@openbsd.org
References: <20040801174234.GA76@kingcull.cullmail.com>
User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.2

J Moore <jaymo@cullmail.com> writes:

> Reviewing my /var/www/logs/access_log file it seems there are a lot of 
> "bogus" entries; i.e. people trying various hacks, looking for 
> weaknesses, testing for win32, etc, etc.
> 
> Is there a good technique for automatically identifying these 
> trouble-makers? I'd like to be able to build a "deny" table for pf to 
> halt repeat offendors, but I can't afford the time to review the logs 
> "manually".

What problem are you trying to solve?

//art

Follow-Ups:
- Re: reviewing httpd access log
  - From: J Moore <jaymo@cullmail.com>

References:
- reviewing httpd access log
  - From: J Moore <jaymo@cullmail.com>

Prev by Date: Re: reviewing httpd access log
Next by Date: Re: kern.version
Prev by thread: Re: reviewing httpd access log
Next by thread: Re: reviewing httpd access log
Index(es):
- Date
- Thread