Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
First let me preface I'm new to linux but got tons of experience with
other OS's and stuff.

Here is my question:

I found this error in my apache log the other day.  (stripped down the
IP of the offender)

[Sat Apr 30 15:13:38 2005] [error] [client x.x.119.172] Invalid method
in request

What it looks like to me is this guy decided to do a scan on one of my
web servers with NESSUS.  

Is there script that anybody knows of that I could use to go through
my apache error log and look for things that I define as "hell no
buddy" and add them to a DROP or REJECT list for IPTABLES?

I checked the system and security logs on the system and no entries
were made there. It appears this person was just checking out Apache.

Am I going about this the wrong way?  If a seasoned eye has a better
suggestion that would be great.  Links and advice are welcomed.

Thanks for your time.


tupolo@seeko.net wrote:
Quoted text here. Click to load it

Swatch or logwatch:-


http://freshmeat.net/projects/logwatch /

Site Timeline