Guest User

OSSEC

a guest
Feb 7th, 2016
120
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Beispiel1:
  2.  
  3. OSSEC HIDS Notification.
  4. 2016 Feb 07 12:30:07
  5.  
  6. Received From: mail->/var/log/apache2/error.log
  7. Rule: 1003 fired (level 13) -> "Non standard syslog message (size too large)."
  8. Portion of the log(s):
  9.  
  10. [Sun Feb 07 12:30:06.204552 2016] [core:error] [pid 19109] (36)File name too long: [client 51.255.65.45:40023] AH00036: access to /http%253A%252F%252Fsoz-net.neue-mitte-mv.de%252Fprofile%252Fstop_big_brother%3Fzrl%3Dhttp%253A%252F%252Fsoz-net.neue-mitte-mv.de%252Fprofile%252Fstop_big_brother%3Fzrl%3Dhttp%253A%252F%252Fsoz-net.neue-mitte-mv.de%252Fprofile%252Fstop_big_brother%3Fzrl%3Dhttp%253A%252F%252Fsoz-net.neue-mitte-mv.de%252Fprofile%252Fstop_big_brother%3Fzrl%3Dhttp%253A%252F%252Fsoz-net.neue-mitte-mv.de%252Fprofile%252Fstop_big_brother%3Fzrl%3Dhttp%253A%252F%252Fsoz-net.neue-mitte-mv.de%252Fprofile%252Fstop_big_brother%3Fzrl%3Dhttp%253A%252F%252Fsoz-net.neue-mitte-mv.de%252Fprofile%252Fstop_big_brother%3Fzrl%3Dhttp%253A%252F%252Fsoz-net.neue-mitte-mv.de%252Fprofile%252Fstop_big_brother failed (filesystem path '/var/www/html/friendica.anonsys.net/http%253A%252F%252Fsoz-net.neue-mitte-mv.de%252Fprofile%252Fstop_big_brother%3Fzrl%3Dhttp%253A%252F%252Fsoz-net.neue-mitte-mv.de%252Fp
  11. rofile%252Fstop_big_brother%3Fzrl%3Dhttp%253A%252F%252Fsoz-net.neue-mitte-mv.de%252Fprofile%252Fstop_big_brother%3Fzrl%3Dhttp%253A%252F%252Fsoz-net.neue-mitte-mv.de%252Fprofile%252Fstop_big_brother%3Fzrl%3Dhttp%253A%252F%252Fsoz-net.neue-mitte-mv.de%252Fprof
  12.  
  13.  
  14.  
  15. --END OF NOTIFICATION
  16.  
  17. Beispiel 2:
  18.  
  19. OSSEC HIDS Notification.
  20. 2016 Feb 07 12:40:50
  21.  
  22. Received From: mail->/var/log/apache2/error.log
  23. Rule: 1003 fired (level 13) -> "Non standard syslog message (size too large)."
  24. Portion of the log(s):
  25.  
  26. [Sun Feb 07 12:40:48.825860 2016] [core:error] [pid 20907] (36)File name too long: [client 51.255.65.12:25785] AH00036: access to /https%2525252525253A%2525252525252F%2525252525252Ffriendica.ambientedigital.org%2525252525252Fprofile%2525252525252Fx%2525252525253Fzrl%2525252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ffriendica.ambientedigital.org%2525252525252Fprofile%2525252525252Fx%2525252525253Fzrl%2525252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ffriendica.ambientedigital.org%2525252525252Fprofile%2525252525252Fx%2525252525253Fzrl%2525252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ffriendica.ambientedigital.org%2525252525252Fprofile%2525252525252Fx failed (filesystem path '/var/www/html/friendica.anonsys.net/https%2525252525253A%2525252525252F%2525252525252Ffriendica.ambientedigital.org%2525252525252Fprofile%2525252525252Fx%2525252525253Fzrl%2525252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ffriendica.ambientedigital.org%25252525
  27. 25252Fprofile%2525252525252Fx%2525252525253Fzrl%2525252525253Dhttps%2525252525253A%2525252525252F%2525252525252Ffriendica.ambientedigital.org%2525252525252Fprofile%2525252525252Fx%2525252525253Fzrl%2525252525253Dhttps%2525252525253A%2525252525252F%2525252525
  28.  
  29.  
  30.  
  31. --END OF NOTIFICATION
  32.  
  33. Beispiel 3:
  34.  
  35. OSSEC HIDS Notification.
  36. 2016 Feb 07 13:28:56
  37.  
  38. Received From: mail->/var/log/apache2/error.log
  39. Rule: 1003 fired (level 13) -> "Non standard syslog message (size too large)."
  40. Portion of the log(s):
  41.  
  42. [Sun Feb 07 13:28:56.398599 2016] [core:error] [pid 27446] (36)File name too long: [client 51.255.65.46:44397] AH00036: access to /http%25252525252525253A%25252525252525252F%25252525252525252Fsoz-net.neue-mitte-mv.de%25252525252525252Fprofile%25252525252525252Fneue-mitte_mv%25253Fzrl%25253Dhttp%25252525252525253A%25252525252525252F%25252525252525252Fsoz-net.neue-mitte-mv.de%25252525252525252Fprofile%25252525252525252Fneue-mitte_mv%25253Fzrl%25253Dhttp%25252525252525253A%25252525252525252F%25252525252525252Fsoz-net.neue-mitte-mv.de%25252525252525252Fprofile%25252525252525252Fneue-mitte_mv%25253Fzrl%25253Dhttp%25252525252525253A%25252525252525252F%25252525252525252Fsoz-net.neue-mitte-mv.de%25252525252525252Fprofile%25252525252525252Fneue-mitte_mv failed (filesystem path '/var/www/html/friendica.anonsys.net/http%25252525252525253A%25252525252525252F%25252525252525252Fsoz-net.neue-mitte-mv.de%25252525252525252Fprofile%25252525252525252Fneue-mitte_mv%25253Fzrl%25253Dhttp%25252525252525253
  43. A%25252525252525252F%25252525252525252Fsoz-net.neue-mitte-mv.de%25252525252525252Fprofile%25252525252525252Fneue-mitte_mv%25253Fzrl%25253Dhttp%25252525252525253A%25252525252525252F%25252525252525252Fsoz-net.neue-mitte-mv.de%25252525252525252Fprofile%25252525
  44.  
  45.  
  46.  
  47. --END OF NOTIFICATION
RAW Paste Data

Adblocker detected! Please consider disabling it...

We've detected AdBlock Plus or some other adblocking software preventing Pastebin.com from fully loading.

We don't have any obnoxious sound, or popup ads, we actively block these annoying types of ads!

Please add Pastebin.com to your ad blocker whitelist or disable your adblocking software.

×