Henrik,
I just tried to convert our access.log with your suggestion. It work (I
added "/usr/bin/perl" to load perl)!
Thanks a lot for your kind.
Best Regards,
Awie
----- Original Message -----
From: "Henrik Nordstrom" <hno@hem.passagen.se>
To: "Awie" <awie@eksadata.com>
Cc: <squid-users@ircache.net>
Sent: Monday, January 22, 2001 4:25 AM
Subject: Re: [SQU] Security issue
> Awie wrote:
>
> > Following up my problem of security, I need your comments and
> > suggestions.
>
> Find the requests in your proxy access.log, and then kill the bastard
> who is trying to hack other sites from within your network.
>
> A simple
> grep 'cmd.exe' access.log | perl -pe 's/\d+/localtime $&/e;'
> should give you the information you need to trace the user.
>
> --
> Henrik Nordstrom
> Squid Hacker
>
-- To unsubscribe, see http://www.squid-cache.org/mailing-lists.htmlReceived on Tue Jan 30 2001 - 04:29:28 MST
This archive was generated by hypermail pre-2.1.9 : Tue Dec 09 2003 - 16:57:38 MST