12 Jun
2011
12 Jun
'11
10:29 a.m.
On Sun, Jun 12, 2011 at 1:49 PM, ken gebser@mousecar.com wrote:
That's interesting and useful in its way. But I'd prefer to use the same scripts used by the actual crackers/bots. Not only would I be able to test my sites with them, but I'd be able to recognize the probes/attacks when they appear in logs as they did for Jason.
There are many different scripts out there. I never bothered trying to find the scripts, just keep an eye on the web server logs, /var/log/secure and the syslog.
When you see attempts to fetch things that are not installed on your system it is usually someone up to no good.
Mike