Log file analyzer

Does anyone know of a good free log file analyzer that can show where a visitors entering via a search term browsed? Ex. User xxx.xxx.xxx.xxx entered via a search for "puppies" visited /lab.html visited /care/fleas.html visited /beagle.html ended visit All of the free ones I know of only show a l

[Fwd: Discovering File System Corruption]

I have a 6.0-RELEASE-p1 box with a GENERIC kerbnel that I'm having some trouble with. I recently reconstituted the machine from being a 5.4 box. I didn't upgrade, I reinstalled. When I was trying to install tripwire, kept getting this message: "./bin/i386-unknown-freebsd_r/siggen missing. Build d

Discovering File System Corruption

I have a 6.0-RELEASE-p1 box with a GENERIC kerbnel that I'm having some trouble with. I recently reconstituted the machine from being a 5.4 box. I didn't upgrade, I reinstalled. When I was trying to install tripwire, kept getting this message: "./bin/i386-unknown-freebsd_r/siggen missing. Build d

Re: Tripwire Policy File and 5.4

FYI- The policy file looks to be updated for 5.x systems now. Tripwire's back. Bret Bret Walker wrote: > Does anyone know where I can find a good Tripwire policy file for 5.4? > > I installed tripwire-2.3.1.2_3 from ports, but the default policy file > throws a lot of erro

Tripwire Policy File and 5.4

Does anyone know where I can find a good Tripwire policy file for 5.4? I installed tripwire-2.3.1.2_3 from ports, but the default policy file throws a lot of errors. I think it's tailored to 4.x. Thanks, Bret smime.p7s Description: S/MIME Cryptographic Signature

RE: httpd in /tmp - Sound advice sought

PROTECTED] On Behalf Of Oliver Leitner Sent: Wednesday, February 09, 2005 8:48 AM To: Bret Walker; freebsd-questions@freebsd.org Subject: Re: httpd in /tmp - Sound advice sought i know a certain hacking group who is trying to run their trojan as httpd, i discovered that info through some shell accoun

httpd in /tmp - Sound advice sought

Last night, I ran chkrootkit and it gave me a warning about being infected with Slapper. Slapper exploits vulnerabilities in OpenSSL up to version 0.96d or older on Linux systems. I have only run 0.97d. The file that set chkrootkit off was httpd which was located in /tmp. /tmp is always mounted

RE: Pam_ldap

quot;error: PAM: Authentication failure" One step closer.. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dick Davies Sent: Friday, October 01, 2004 9:41 AM To: Bret Walker Cc: FreeBSD Questions Subject: Re: Pam_ldap * Bret Walker <[EMAIL PROTE

Pam_ldap

- The instructions I followed are here: http://www.netsys.com/pamldap/2002/04/msg00074.html Bret Walker Technical Support Consultant Medill School of Journalism Northwestern University 847-467-7845 847-491-2370 fax [EMAIL PROTECTED] smime.p7s Description: S/MIME cryptographic signature