[CentOS] What is someone trying to do?

Mike Williams dmikewilliams at gmail.com
Sun Jun 12 18:29:51 UTC 2011


On Sun, Jun 12, 2011 at 1:49 PM, ken <gebser at mousecar.com> wrote:
> That's interesting and useful in its way.  But I'd prefer to use the
> same scripts used by the actual crackers/bots.  Not only would I be able
> to test my sites with them, but I'd be able to recognize the
> probes/attacks when they appear in logs as they did for Jason.

There are many different scripts out there.  I never bothered trying
to find the scripts, just keep an eye on the web server logs,
/var/log/secure and the syslog.

When you see attempts to fetch things that are not installed on your
system it is usually someone up to no good.

Mike



More information about the CentOS mailing list