[Dshield] apache log analyzer

Mark Tombaugh mtombaugh at alliedcc.com
Wed May 18 16:50:08 GMT 2005


On Wednesday 18 May 2005 07:30, Suscripcions tsolucio wrote:
> I want to make statistics about the attacks that our apache server
> suffers every day, and of course know the attack and the source.

I highly recommend mod_security http://www.modsecurity.org
With it you can log if you choose, however, you also have the ability to 
thwart the attack and alert you about it. With the alerts, or with the logs 
that mod_security generates, you can quickly whip up a script for historical 
statistics.

Its not exactly what your'e looking for, but in the long run, I think this 
module, which actively looks for attacks and gives you the opportunity to 
take action on them, is a much better solution than a script which passively 
monitors log files.

-- 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Mark Tombaugh mtombaugh at alliedcc.com Allied Computer Corp
Research Triangle Park www.alliedcc.com tel:(919)598-8900
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

irc.freenode.net #dshielders
Come check out our primitive dshield.org ip & port report bot!



More information about the list mailing list