[Dshield] Shorewall Parser and Apache Logs

Bogdan Stancescu mgv at fx.ro
Thu Nov 14 15:12:15 GMT 2002


Just in case my previous message doesn't make it to the list (I 
inadvertently sent it from my other e-mail), here's a newbie question 
for you: does anyone know if there's any Shorewall log parser for dshield?

And here's another :) How about obvious attempts at http hacks? For 
instance I get lots of such http requests lately (zillions of 
variations, but it's obvious what they're trying): "GET 
/scripts/..%c0%af../winnt/system32/cmd.exe?/c+dir+c:\\ HTTP/1.1"

Shouldn't these be considered attempted attacks as well, in spite of not 
being logged by the firewall?




More information about the list mailing list