February 2006
Intermediate to advanced
304 pages
6h 16m
English
There are a lot of dumb hackers and worms out there. Many of them try to break into my web server using old exploits that work on Microsoft systems. Many of these exploits are used to try to access the program cmd.exe in the WINNT directory.
I run Linux, so I can tell you that no matter what you send to my box, you're not going to get access to an MS-DOS command prompt.
To identify the bad guys, I created a small script that scans the Apache error log for obvious hacking attempts and prints out the top hackers.
#!/usr/bin/perl
#
# Print out a list of who tried to hack
# the system.
#
# Uses a simple technique to detect hacking
# entries, specifically
#
# 1) Attempts to access any URL ...
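
The idea described above, sketched as an added example; this is not the book's script, whose listing is cut off on this page. The detection rule (any logged path that names cmd.exe), the function names `count_suspects` and `top_suspects`, and the sample log lines with their documentation-range addresses are assumptions constructed for illustration.

```perl
#!/usr/bin/perl
# Added example: count Apache error-log entries that request cmd.exe, per client.
use strict;
use warnings;

# Return a hash ref mapping client address => number of suspicious entries.
sub count_suspects {
    my @lines = @_;
    my %hits;
    for my $line (@lines) {
        # Only entries that name a client can be attributed to anyone.
        next unless $line =~ /\[client\s+([^\]\s]+)\]/;
        my $client = $1;
        # Apache 2.4 logs "address:port"; drop the port from IPv4 clients.
        $client =~ s/^(\d+(?:\.\d+){3}):\d+$/$1/;
        # Assumed rule: the logged path names cmd.exe, in any letter case.
        next unless $line =~ m{[/\\]cmd\.exe\b}i;
        $hits{$client}++;
    }
    return \%hits;
}

# Clients sorted by hit count (highest first), then by address for stable output.
sub top_suspects {
    my ($hits, $limit) = @_;
    my @sorted = sort { $hits->{$b} <=> $hits->{$a} || $a cmp $b } keys %$hits;
    splice(@sorted, $limit) if @sorted > $limit;
    return @sorted;
}

# Constructed sample lines, used when no log file is named on the command line.
my @sample = (
    '[Wed Feb 08 10:15:32 2006] [error] [client 192.0.2.10] File does not exist: /var/www/html/winnt/system32/cmd.exe',
    '[Wed Feb 08 10:15:33 2006] [error] [client 192.0.2.10] File does not exist: /var/www/html/scripts/CMD.EXE',
    '[Wed Feb 08 10:16:01 2006] [error] [client 203.0.113.5] File does not exist: /var/www/html/favicon.ico',
    '[Wed Feb 08 10:17:45 2006] [error] [client 198.51.100.7] File does not exist: /var/www/html/winnt/system32/cmd.exe',
    '[Wed Feb 08 10:18:02.120034 2006] [core:error] [pid 4242] [client 192.0.2.10:51544] File does not exist: /var/www/html/winnt/system32/cmd.exe',
    '[Wed Feb 08 10:20:00 2006] [notice] caught SIGTERM, shutting down',
);

my @lines = @ARGV ? <> : @sample;
my $hits  = count_suspects(@lines);
printf "%-15s %d\n", $_, $hits->{$_} for top_suspects($hits, 10);
```

Run it with the path to an error log as its argument to scan that file; with no argument it reports on the constructed sample lines.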