Security Basics mailing list archives
Re: Web log file analysis tool
From: romain <r () fuckthespam com>
Date: Tue, 03 Jun 2008 14:14:48 -0400
Well, hope you log also the POST and other variable then if you want to detect XSS and so on.Anyway, afaik, there is no such tools, but it shouldn't be too difficult to do using the regexp base from PHPIDS project: http://php-ids.org/ and your favorite scripting language...
R. http://rgaucher.info Anja Hofmann wrote:
Hi!Currently, I'm looking for a web log file analysis tool which does not cause too much traffic/load on our LAMPP web servers. I've tried hobbit monitor (http://*hobbit*mon.sourceforge.net), but was disappointed, since the script I needed to search for suspicious patterns (bb-msgs.pl) was not part of the main package. I've also installed awstats (http://awstats.sourceforge.net/) which uses worms.pm to look for suspicious windows worms. However, I would love to find a plugin for awstats (or another program) that could also detect XSS attempts - as far as this is possible using only Apache log files.Thank you very much in advance. Yours sincerely, Anja Hofmann
Current thread:
- Re: remote control program Kurt Buff (Jun 02)
- <Possible follow-ups>
- Re: remote control program Kurt Buff (Jun 02)
- RE: remote control program Sean Tindall (Jun 02)
- Re: remote control program Adriel Desautels (Jun 02)
- RE: remote control program Joel (Jun 02)
- Re: remote control program Adriel Desautels (Jun 02)
- RE: remote control program Joel (Jun 03)
- Re: remote control program Adriel Desautels (Jun 03)
- RE: remote control program Joel (Jun 02)