The Sysadmin’s Daily Grind: Webalizer Xtended

WRONG NUMBER!

Article from Issue 64/2006
Author(s):

Webalizer is a tool for analyzing web server logfiles. A new patch lets admins see what isn’t there.

From time to time, I browse my web server logfiles, although this isn’t something I like to do too often. After all, I get to see enough of the pesky things at work. When I do check my own logs, it typically has to do with debugging, but I also tend to find “wrong number” type entries. Sometimes you get strange entries like: tharis.xxxxx.at - - U [03/Dec/2005:08:24:43 +0100] „GET /LOST HTTP/1.1“ U 404 1025 „-“ „Mozilla/4.0“ Although this message looks pretty offensive, it is actually quite harmless. On other occasions, I find people attempting to navigate to URLs belonging to applications that have been featured in recent security advisories. In the past few weeks, for example, I have read advisories concerning PhpMyAdmin and PhpBB. Attempts to access files with suffixes such as .mdb and .asp, are telltale signs of unfriendly fire. Listing 1 shows an excerpt.

Buy this article as PDF

Express-Checkout as PDF
Price $2.95
(incl. VAT)

Buy Linux Magazine

SINGLE ISSUES
 
SUBSCRIPTIONS
 
TABLET & SMARTPHONE APPS
Get it on Google Play

US / Canada

Get it on Google Play

UK / Australia

Related content

  • Charly's Column – Go Access

    Just as a craftsman is unlikely to purchase a new angle grinder every month, sys admins are unlikely to change constantly their tried and trusted tools. Columnist Charly Kühnast ditches this conservative philosophy this month, lured by the charms of a new logfile tool.

  • Charly's Column

    On vacation we may be happy just to check the position of the sun,but computers need a more accurate measure of time. Luckily, there are atomic clocks that can receive time signals by radio and off the Internet.

  • Charly's Column

    If you do not receive a response to a ping, or if the response is seriously delayed, you might like to take this as a warning. But who wants to ping all day? You need a ping-based monitoring utility like Smokeping.

  • Charly's Column

    Leafnode is a Usenet server for small sites where just a few users need access to a large number of groups. The Leafnode server is designed to recover from errors autonomously and needs very little attention.

  • Charly's Column

    Despite the cyclical disruptions so typical of LUG meetings, our intrepid columnist, Charly, reveals how he set the system time in spite of a blocked NTP port.

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News