Visit Jeremy's Blog.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 02-03-2008, 09:53 PM   #1
Registered: Jan 2008
Location: Maryland US
Distribution: right now WindowsXP
Posts: 40

Rep: Reputation: 15
Where can I look to find any attacks on my web server?


Recently I connected a web server on the Internet.

I wish to learn on "How to find out if some one has tried to hack
into (or attack) my server?"

I know the httpd/access_log is a place to see who has accessed the wed pages. Are there other places that I can look into it?

Is there software like "Attack reporting" that will alert me?

Thanks for your help.

Old 02-04-2008, 12:33 AM   #2
LQ Newbie
Registered: Dec 2005
Location: Vancouver
Distribution: Debian/Ubuntu
Posts: 28

Rep: Reputation: 15
A first place to begin is by installing snort and BASE, that is a webfront to snort.

Here's an initial place to look for an install tutorial.

Old 02-04-2008, 12:55 AM   #3
Registered: Apr 2006
Posts: 63

Rep: Reputation: 23
Here you find some tips for an initial investigation:
Old 02-04-2008, 02:19 AM   #4
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,042
Blog Entries: 11

Rep: Reputation: 907Reputation: 907Reputation: 907Reputation: 907Reputation: 907Reputation: 907Reputation: 907Reputation: 907

welcome to LQ!

And I'm moving this over to security which is more appropriate
for this type of question.

Old 02-04-2008, 02:55 AM   #5
Senior Member
Registered: Dec 2005
Location: Brisbane, Australia
Distribution: Slackware64 14.0
Posts: 4,124

Rep: Reputation: 164Reputation: 164
Now that your post is in the security forum, take the time to look through the stickies, especially this one. In it, there's a section called "Compromise, breach of security, detection" and a link to the CERT Intruder Detection Checklist which is definitely worth a read.
Old 02-04-2008, 05:25 AM   #6
Registered: May 2005
Location: Northern VA
Distribution: Slackware, Ubuntu, FreeBSD, OpenBSD, OS X
Posts: 782
Blog Entries: 8

Rep: Reputation: 157Reputation: 157
Originally Posted by pching View Post

Is there software like "Attack reporting" that will alert me?

Thanks for your help.

Old 02-07-2008, 09:59 PM   #7
Registered: Jan 2008
Location: Maryland US
Distribution: right now WindowsXP
Posts: 40

Original Poster
Rep: Reputation: 15

Hi all,

Thank you for your reply to my question.

I'll study snort and start from there.



Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
Mozilla flaws could allow attacks, data access into Firefox & Mozilla web browsers! t3gah Linux - Security 6 04-09-2006 04:00 AM
Can't find running web server carlg Linux - General 0 10-13-2004 06:58 PM
can we configure a Linux server with mail server,file server and web server kumarx Linux - Newbie 5 09-09-2004 06:21 AM
setting up password protected web forms on an apache web server AZDAVE Linux - Security 3 07-07-2004 12:03 PM
Can't access Linux web server web pages from LAN client jaydave Linux - Networking 4 03-16-2003 02:38 AM

All times are GMT -5. The time now is 11:24 AM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration