UBB.threads PHP Forum Software Community Forums UBB.classic UBB.classic 6 Support Understanding hacklog.cgi

I found this hacklog.cgi file created couple days ago. Does it tell me who the hacker is? I read that hacklog.cgi is created automatically when it detects corrupted files. Do I need to "rebuild" the files? What are the things that I need to watch out for when reading the hacklog.cgi?

I also read that we can delete this file, is that right?

Thanks,
Tippy

Good question Tippy... I was wondering the same thing. FWIW I've notice 2 reoccuring things in my hacklog file:

1. When AOL users complain stuff dont work or they get lots of page timeouts, I can always find it in hacklog.

2. Most WebTV users cant seem to register, and the registrations that never get to the queue are in the hacklog file. I say "most" because I have 5 WebTV people mighty upset they cant get registered, yet I do have one other WebTV user who says he got in just fine. I even put one of the folks having trouble in touch with the guy who got in just fine and they couldnt figure out why one worked and the other didnt.

but other than this stuff... there's other junk in my hacklog file that makes me wonder what the heck it is.

The hacklog will find any nasties that anyone is attempting to do, and even some erors at times (not many).

The admin log will hold anything having to do with what your admin's are doing.

I wouldn't reccommend deleting them, if you must do away with it then remove the entries you don't want

The hacklog isn't exactly a log of hacks. Whenever the input filtering routines find something not quite right, or whenever a corrupted profile is found, the request is logged to the hacklog.

In general, you don't need to worry about the hacklog, unless it grows more than a few hundred KB. It's perfectly safe to ignore, or delete entirely.

(The name and purpose comes from the 5-series, where it really was a log of legit hack attempts. Our record on security issues since then has made the log pretty redundant...)

I'm interested in spotting potential nasties... is there anything in particular i can search for to find such muck?

As charles stated it isn't really a good log anymore heh... Basically if a user is doin something differant than the standard way that the input routines read it, it'll log it to the file.