Home page logo
/

basics logo Security Basics mailing list archives

Re: Web log file analysis tool
From: Adriel Desautels <adriel () netragard com>
Date: Tue, 03 Jun 2008 15:44:46 -0400

Good recommendation,
Only make sure that you .htaccess it with a strong user/pass combination because it contains exploitable vulnerabilities. As do most of those web analysis applications.

Regards,
        Adriel T. Desautels
        Chief Technology Officer
        Netragard, LLC.
        Office : 617-934-0269
        Mobile : 617-633-3821
        http://www.linkedin.com/pub/1/118/a45

        Join the Netragard, LLC. Linked In Group:
        http://www.linkedin.com/e/gis/48683/0B98E1705142

---------------------------------------------------------------
Netragard, LLC - http://www.netragard.com  -  "We make IT Safe"
Penetration Testing, Vulnerability Assessments, Website Security

Netragard Whitepaper Downloads:
-------------------------------
Choosing the right provider : http://tinyurl.com/2ahk3j
Three Things you must know  : http://tinyurl.com/26pjsn


Breno BF wrote:
Hi,
    I recommend webalizer[1]. IMHO that's a good log file analysis
tool. Available for IIS, Apache, et cetera.

1. http://www.mrunix.net/webalizer/

Regards,
    Breno BF
Att,
Breno Brand Fernandes
----- Original Message ----- From: "Anja Hofmann" <anja.hofmann () ub uni-tuebingen de>
To: <security-basics () securityfocus com>
Sent: Tuesday, June 03, 2008 7:37 AM
Subject: Web log file analysis tool


| Hi!
| Currently, I'm looking for a web log file analysis tool which does not
| cause too much traffic/load on our LAMPP web servers.
| I've tried hobbit monitor (http://*hobbit*mon.sourceforge.net), but was
| disappointed, since the script I needed to search for suspicious
| patterns (bb-msgs.pl) was not part of the main package.
| I've also installed awstats (http://awstats.sourceforge.net/) which uses
| worms.pm to look for suspicious windows worms.
| However, I would love to find a plugin for awstats (or another program) | that could also detect XSS attempts - as far as this is possible using
| only Apache log files.
| Thank you very much in advance.
| Yours sincerely,
| Anja Hofmann
|

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]