Difference between revisions of "Bespoke web pages"
From MyWiki
(Created page with "Several bespoke web pages have been created to server various needs.<br> Following one incident where a automated process was accessing a web email query form and sending a la...") |
|||
| (7 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
Several bespoke web pages have been created to server various needs.<br> | Several bespoke web pages have been created to server various needs.<br> | ||
| − | Following one incident where a automated process was accessing a web email query form and | + | Following one incident where a automated process was accessing a web email query form and causing it to send a large number of rogue emails the following page was designed at http://backup.gold.ac.uk/webteam/secure.html to perform a quite limited analysis of the webserver logs. Although interesting it's of limited use to detect such attacks.<br> |
| + | <br> | ||
| + | The script to create this web page is run from roots cron on backup.gold.ac.uk using the following crontab entry<br> | ||
| + | 0,20,40 * * * * /usr/local/bin/security.sh > /var/tmp/cron_log 2>&1<br> | ||
| + | <br> | ||
| + | [[File:Log file analysis.png]] | ||
Latest revision as of 09:41, 21 May 2014
Several bespoke web pages have been created to server various needs.
Following one incident where a automated process was accessing a web email query form and causing it to send a large number of rogue emails the following page was designed at http://backup.gold.ac.uk/webteam/secure.html to perform a quite limited analysis of the webserver logs. Although interesting it's of limited use to detect such attacks.
The script to create this web page is run from roots cron on backup.gold.ac.uk using the following crontab entry
0,20,40 * * * * /usr/local/bin/security.sh > /var/tmp/cron_log 2>&1
