Security Portal: Ask Buffy - Log Analyzers for Apache and Tracking Down a Bogus DeviceFeb 08, 2001, 08:04 (0 Talkback[s])
(Other stories by Buffy)
"I want to write a log analyzer for a Web error log file. I am interested in analysis of vulnerabilities on Apache Web servers, errors, CGI vulnerabilities or others, and some well known CGI hack methods. Can you send me information about well known signatures or links to Websites?..."
"On two evenings this week, my campus had someone running DHCP with a 192.168.244.129 address. This computer only came up around midnight for a little bit. By the time we found out, we couldn't get the MAC Address of this DHCP. What is your suggestion to track down this bogus device?..."
"I removed some log files in the /etc/iscan directory to free up some space on my root. A few seconds later, the system kicked me out, and three hours later, I've still not been able to log back in. Please help me out. This is a CKPFW."