error_log for krishna

From: durga prasad - datasoft (datasoftvsp@sify.com)
Date: 03/15/02


From: "durga prasad - datasoft" <datasoftvsp@sify.com>
To: <security-basics@security-focus.com>
Date: Fri, 15 Mar 2002 18:38:27 +0530

try ipchains -A input -p tcp -s <his address> tcp -s <your IP> -j DENY
that will deny access to your server from that IP till next reboot.
hosts.deny does not stop access of (webserver)
if yu have probs from multiple addresses let me know on the list.
regards
durga prasad

----- Original Message -----
From: "Krishna" <Krishna_shekhar@softhome.net>
To: <security-basics@securityfocus.com>
Sent: Wednesday, March 13, 2002 7:07 PM
Subject: Huge size of error_log of httpd !!!Please help Urgent

| Wednesday, March 13, 2002 6:57:32 PM
| Hi,
| The error_log of httpd is going huge in size.The logs show that
| someone is trying to execute files on the server and it continues
| to modify its search.This is the log
| [Sun Mar 10 06:05:39 2002] [error] [client 210.254.142.39] File does not
exist: /home/httpd/html/cgi/
| [Sun Mar 10 06:10:51 2002] [error] [client 210.254.142.39] File does not
exist: /home/httpd/html/admin-serv/config/admpw
| [Sun Mar 10 06:12:39 2002] [error] [client 210.254.142.39] File does not
exist: /home/httpd/html/publisher
| [Sun Mar 10 06:31:27 2002] [error] [client 210.254.142.39] File does not
exist: /home/httpd/html/whois_raw.cgi
|
| Is there any way to stop this happening.I put the hosts ipaddress in
| the hosts.deny.But maybe he does ipspoofing and tries again with a
| different IP address.
| Please help as the logs are growing bigger and reducing our bandwidth.
| I am using RedHat6.0
|
| --
| regards,
| Krishna mailto:Krishna_shekhar@softhome.net
|
| Krishna Shekhar
| Network Administrator
| Wiplash.com
|
| __ | / /___ _/__ __ \__ /___ |_ ___/__ / / /
| __ | /| / / __ / __ /_/ /_ / __ /| |____ \__ /_/ /
| __ |/ |/ / __/ / _ ____/_ /___ ___ |___/ /_ __ /
| ____/|__/ /___/ /_/ /_____/_/ |_/____/ /_/ /_/
|
|
| http://wiplash2000.com
|