[CentOS] What is someone trying to do?
Jason
slackmoehrle.lists at gmail.com
Sun Jun 12 19:18:55 UTC 2011
> On Sun, Jun 12, 2011 at 1:49 PM, ken <gebser at mousecar.com (mailto:gebser at mousecar.com)> wrote:
> > That's interesting and useful in its way. But I'd prefer to use the
> > same scripts used by the actual crackers/bots. Not only would I be able
> > to test my sites with them, but I'd be able to recognize the
> > probes/attacks when they appear in logs as they did for Jason.
>
> There are many different scripts out there. I never bothered trying
> to find the scripts, just keep an eye on the web server logs,
> /var/log/secure and the syslog.
>
> When you see attempts to fetch things that are not installed on your
> system it is usually someone up to no good.
Well, I was creating ReWrite rules and directing to 301 when something came in that was not on my system, but it does involve almost daily editing of the rules to keep up with the new invalid requests that I see everyday.
-Jason
More information about the CentOS
mailing list