The Sysadmin’s Daily Grind: Webalizer Xtended

WRONG NUMBER!

Article from Issue 64/2006
Author(s):

Webalizer is a tool for analyzing web server logfiles. A new patch lets admins see what isn’t there.

From time to time, I browse my web server logfiles, although this isn’t something I like to do too often. After all, I get to see enough of the pesky things at work. When I do check my own logs, it typically has to do with debugging, but I also tend to find “wrong number” type entries. Sometimes you get strange entries like: tharis.xxxxx.at - - U [03/Dec/2005:08:24:43 +0100] „GET /LOST HTTP/1.1“ U 404 1025 „-“ „Mozilla/4.0“ Although this message looks pretty offensive, it is actually quite harmless. On other occasions, I find people attempting to navigate to URLs belonging to applications that have been featured in recent security advisories. In the past few weeks, for example, I have read advisories concerning PhpMyAdmin and PhpBB. Attempts to access files with suffixes such as .mdb and .asp, are telltale signs of unfriendly fire. Listing 1 shows an excerpt.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Charly's Column – Go Access

    Just as a craftsman is unlikely to purchase a new angle grinder every month, sys admins are unlikely to change constantly their tried and trusted tools. Columnist Charly Kühnast ditches this conservative philosophy this month, lured by the charms of a new logfile tool.

  • Charly's Column

    Incoming TCP connections do not always end up where they are supposed to. A freely configurable redirector points digital debris in the direction of a new and better place.

  • Charly's Column

    On vacation we may be happy just to check the position of the sun,but computers need a more accurate measure of time. Luckily, there are atomic clocks that can receive time signals by radio and off the Internet.

  • Charly's Column

    If you do not receive a response to a ping, or if the response is seriously delayed, you might like to take this as a warning. But who wants to ping all day? You need a ping-based monitoring utility like Smokeping.

  • Charly's Column

    The principle behind Rsnapshot is nothing new: use Rsync and SSH to back up files to another computer. What sets Rsnapshot apart is its simple setup and its rich collection of features.

comments powered by Disqus

Direct Download

Read full article as PDF:

Charly_Column.pdf (96.90 kB)

News