[joomla] looking for logs
Hugo Francisco González Robledo
hugo.gonzalez at itslp.edu.mx
Fri Aug 18 21:37:17 EDT 2006
Hi all,
I'm researching on discover botnets, i'm looking or Mambo o Joomla
attacks, it could be seen on your Web server logs ...
I'm lookin specially on the string mosCon on the logs, if you could send
me your logs (filtered if you prefer) i appreciate a lot.
I have some evidence since March of this year, i identified 2 botnets,
but i want to probe the same method with other logs.
you could use this for apache for example :
cd /var/log/apache2
zcat access*gz | grep mosCon | gzip > /tmp/logs.gz
and mail me the file /tmp/logs.gz
Thanks in advice.
--
Hugo Francisco González Robledo
Instituto Tecnológico de San Luis Potosí
Llave pública en http://www.honeynet.org.mx
Llave pública en http://ardilla.zapto.org
Preguntale a Google-Earth donde estoy :
http://ardilla.zapto.org/ubicaHugo.kml
-------------------------------------------
Educación es lo que queda después de olvidar
lo que se ha aprendido en la escuela.
Albert Einstein
-------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 309 bytes
Desc: Digital signature
URL: <http://lists.nyphp.org/pipermail/joomla/attachments/20060818/3671b32c/attachment.sig>
More information about the Joomla
mailing list