The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Domlogs Searching

Discussion in 'General Discussion' started by Mysteerie, Aug 5, 2005.

  1. Mysteerie

    Mysteerie Well-Known Member

    Joined:
    Dec 29, 2003
    Messages:
    129
    Likes Received:
    0
    Trophy Points:
    16
    I’m trying to track down an abuse script that is sending a lot of outgoing traffic. I know for a fact that it is through phpbb, but I want to track down the specific user. If I knew the file they were using to excute, how can I locate it in the domlogs, without going in each of them one by one?

    Any other advice would also be appreciated. :)
     
  2. Quiddity

    Quiddity Registered

    Joined:
    Jan 13, 2004
    Messages:
    3
    Likes Received:
    0
    Trophy Points:
    1
    while this isn't necessarily the most comprehensive find command/regex, it should put you in the right direction :)

    find /usr/local/apache/domlogs/ -exec egrep -Hi '(wget|touch|mkdir|/tmp|curl|gcc|perl)%20' {} \;
     
Loading...

Share This Page