View previous topic :: View next topic |
Author |
Message |
angelsan -
Joined: 11 Jan 2005 Posts: 12
|
Posted: Mon Feb 14, 2005 5:07 pm Post subject: How Do I Read The Logs? |
|
|
How do I read the logs without stopping the server? I have tried to find this ifo and have not been able to find out how to do it. |
|
Back to top |
|
|
Axis -
Joined: 29 Sep 2003 Posts: 336
|
Posted: Mon Feb 14, 2005 6:58 pm Post subject: |
|
|
Hello angelsan--
I use a log viewer "BareTail" available free from http://www.baremetalsoft.com/
From the vendor:
"BareTail is a real-time file viewing utility. Similar to the Unix tail -f utility, it can be used to view the end of a growing file. It is ideal for viewing logs or traces in real-time. It can be used to view huge files (larger than 2GB) and runs with the same performance regardless of the file size. With BareTail you can scroll to any point in a file instantly, even if the file is enormous. BareTail supports configurable highlighting and international character sets (Unicode and UTF-8)."
Regards,
Axis |
|
Back to top |
|
|
angelsan -
Joined: 11 Jan 2005 Posts: 12
|
Posted: Mon Feb 14, 2005 9:18 pm Post subject: |
|
|
Thanks Axiz! That works quite well for Windows XP |
|
Back to top |
|
|
angelsan -
Joined: 11 Jan 2005 Posts: 12
|
Posted: Wed Feb 16, 2005 4:04 pm Post subject: |
|
|
Ok, my server is running fine, and i am looking at my access log. I see some people trying to access my machine with some strange codes in the line. I imagine they are trying to take control of the server or the computer. Where can I find information as to how to interpret these log records and the codes? Also, what is a favicon.ico that Firefox request whe trying to access a foto in my server? |
|
Back to top |
|
|
olly86 -
Joined: 25 Apr 2003 Posts: 993 Location: Wiltshire, UK
|
Posted: Wed Feb 16, 2005 4:33 pm Post subject: |
|
|
angelsan wrote: | I see some people trying to access my machine with some strange codes in the line. |
The code is probably an ICS, or Apache vulnerability attack, so there is nothing to wore about in terms of security. Abyss currently has no know security problems.
angelsan wrote: | Also, what is a favicon.ico that Firefox request whe trying to access a foto in my server? |
A favicon is a small image 16*16 pixels that is displayed in the address bar, next to the address of the server. As well as being displayed next to the address in your bookmarks (favorites). _________________ Olly |
|
Back to top |
|
|
angelsan -
Joined: 11 Jan 2005 Posts: 12
|
Posted: Wed Feb 16, 2005 10:55 pm Post subject: |
|
|
Where can I get information as to what everything in the logs mean? I am lost trying to read all that info. I can tell what afew of the lines mean, but most of the rest is greek to me. Please porvide any reference material I can study.
Thanks |
|
Back to top |
|
|
Anonymoose -
Joined: 09 Sep 2003 Posts: 2192
|
Posted: Wed Feb 16, 2005 11:42 pm Post subject: |
|
|
The log is written in a standard format known as Common Log Format - this is explained here :
http://www.bacuslabs.com/WsvlCLF.html
If you mean what do individual lines in your log mean - ie ones with strange requests - your best bet is to copy a sample of the request into google. If the request was generated by any type of worm or other automated attack you should see a number of security sites reporting it. |
|
Back to top |
|
|
mcwilliams132 -
Joined: 27 Jul 2003 Posts: 167 Location: Oshkosh, WI
|
Posted: Thu Feb 17, 2005 7:29 pm Post subject: |
|
|
you can also try Funnel Web Analyzer...works great, fast and provides great reports - FREE.
http://www.funnelwebcentral.com/ _________________ ::::::::::::::::::::::::::::::::::::::::::::::::::
:: Jon-Paul LeClair
:: http://mcwilliamsworld.com
:: "Lobster sticks to magnet!" |
|
Back to top |
|
|
|