Duport
02-28-2005, 08:08 PM
Hello,
Where about are the log files where I can find info after an attack, in /etc/ ? file? :)
Linux
Where about are the log files where I can find info after an attack, in /etc/ ? file? :)
Linux
 | View Full Version : Where are the server logs from a DDOS attack pergesu 02-28-2005, 09:13 PM Should be in /var/log Duport 02-28-2005, 09:58 PM Would it be mydomain.com file in there? Or what file .. Steven 02-28-2005, 10:14 PM what log files are you talking about pergesu 02-28-2005, 10:31 PM Duport, you need to know more than that. Are you looking for Apache logs, SSH logs...? /var/log is just the general location of log files - there are a bunch in there. If you're trying to figure out how a DOS happened to you, you'll probably need to have an expert take a look at things. If you don't even know what logs to look at, I'm guessing you won't be able to identify it yourself. Duport 02-28-2005, 11:16 PM Yes, they wanted the logs, Apache pergesu 02-28-2005, 11:48 PM well /var/log/httpd-access.log and httpd-error.log. Depending on how you have the virtual hosts set up, the logs could be (and probably are) different for each domain. Check out the Apache config file to determine exactly where the logs are. Duport 03-01-2005, 12:31 AM thanks for the above :) SupaDucta 03-01-2005, 05:15 AM Check out the Apache config file to determine exactly where the logs are. Yes, and often on cPanel setups you can find Apache logs in /usr/local/Apache/logs and domain logs in /usr/local/Apache/domlogs which of course depends where Apache is installed, so as pergesu said, take a look at Apache's folder and config file. |