#87091
02/18/2004 11:33 AM
|
Joined: Jan 2004
Posts: 23
stranger
|
stranger
Joined: Jan 2004
Posts: 23 |
I found this hacklog.cgi file created couple days ago. Does it tell me who the hacker is? I read that hacklog.cgi is created automatically when it detects corrupted files. Do I need to "rebuild" the files? What are the things that I need to watch out for when reading the hacklog.cgi?
I also read that we can delete this file, is that right?
Thanks, Tippy
-an adventure is simply a well planned trip gone awry.
|
|
|
#87092
02/18/2004 12:19 PM
|
Joined: Dec 2003
Posts: 16
stranger
|
stranger
Joined: Dec 2003
Posts: 16 |
Good question Tippy... I was wondering the same thing. FWIW I've notice 2 reoccuring things in my hacklog file:
1. When AOL users complain stuff dont work or they get lots of page timeouts, I can always find it in hacklog.
2. Most WebTV users cant seem to register, and the registrations that never get to the queue are in the hacklog file. I say "most" because I have 5 WebTV people mighty upset they cant get registered, yet I do have one other WebTV user who says he got in just fine. I even put one of the folks having trouble in touch with the guy who got in just fine and they couldnt figure out why one worked and the other didnt.
but other than this stuff... there's other junk in my hacklog file that makes me wonder what the heck it is.
|
|
|
#87093
02/18/2004 1:08 PM
|
Joined: Jun 2006
Posts: 16,299 Likes: 116
|
Joined: Jun 2006
Posts: 16,299 Likes: 116 |
The hacklog will find any nasties that anyone is attempting to do, and even some erors at times (not many).
The admin log will hold anything having to do with what your admin's are doing.
I wouldn't reccommend deleting them, if you must do away with it then remove the entries you don't want
|
|
|
#87094
02/18/2004 1:34 PM
|
Joined: Jul 2006
Posts: 2,143
Pooh-Bah
|
Pooh-Bah
Joined: Jul 2006
Posts: 2,143 |
The hacklog isn't exactly a log of hacks. Whenever the input filtering routines find something not quite right, or whenever a corrupted profile is found, the request is logged to the hacklog.
In general, you don't need to worry about the hacklog, unless it grows more than a few hundred KB. It's perfectly safe to ignore, or delete entirely.
(The name and purpose comes from the 5-series, where it really was a log of legit hack attempts. Our record on security issues since then has made the log pretty redundant...)
|
|
|
#87095
02/19/2004 10:55 AM
|
Joined: Dec 2003
Posts: 16
stranger
|
stranger
Joined: Dec 2003
Posts: 16 |
Originally posted by Gizmo: [qb] The hacklog will find any nasties that anyone is attempting to do, [/qb] I'm interested in spotting potential nasties... is there anything in particular i can search for to find such muck?
|
|
|
#87096
02/19/2004 11:54 AM
|
Joined: Jun 2006
Posts: 16,299 Likes: 116
|
Joined: Jun 2006
Posts: 16,299 Likes: 116 |
As charles stated it isn't really a good log anymore heh... Basically if a user is doin something differant than the standard way that the input routines read it, it'll log it to the file.
|
|
|
Bots
by Outdoorking - 04/13/2024 5:08 PM
|
|
|
|
|
|
0 members (),
868
guests, and
467
robots. |
Key:
Admin,
Global Mod,
Mod
|
|
|
|