Difference between revisions of "Bespoke web pages"
From MyWiki
| Line 2: | Line 2: | ||
Following one incident where a automated process was accessing a web email query form and sending a large number of rogue emails the following page was designed at http://backup.gold.ac.uk/webteam/secure.html to perform a quite limited analysis of the webserver logs. Although interesting it's of limited use to detect such attacks.<br> | Following one incident where a automated process was accessing a web email query form and sending a large number of rogue emails the following page was designed at http://backup.gold.ac.uk/webteam/secure.html to perform a quite limited analysis of the webserver logs. Although interesting it's of limited use to detect such attacks.<br> | ||
Further details below:<br> | Further details below:<br> | ||
| − | + | The script to create this web page is run from roots cron on backup.gold.ac.uk using the following crontab entry<br> | |
| + | 0,20,40 * * * * /usr/local/bin/security.sh > /var/tmp/cron_log 2>&1<br> | ||
| + | |||
[[File:Log file analysis.png]] | [[File:Log file analysis.png]] | ||
Revision as of 09:40, 21 May 2014
Several bespoke web pages have been created to server various needs.
Following one incident where a automated process was accessing a web email query form and sending a large number of rogue emails the following page was designed at http://backup.gold.ac.uk/webteam/secure.html to perform a quite limited analysis of the webserver logs. Although interesting it's of limited use to detect such attacks.
Further details below:
The script to create this web page is run from roots cron on backup.gold.ac.uk using the following crontab entry
0,20,40 * * * * /usr/local/bin/security.sh > /var/tmp/cron_log 2>&1
