Skip to main content

Getting which browser access your site, from apache's logs

I am developing a small web based system to run inside my sector here where I work. I had spend some time to make it compatible with the majority of web browsers available. I'm still not using html 5 and rendering dynamic graphics to png to display on Internet Explorer browsers. Even the PNG transparency is fixed to a solid background color for better rendering on Internet Explorer 6, so I decided to check which browser my colleges are using to access this small system.

To do it so, I used the follow line on my server's console:

cat /var/log/apache2/access.log | cut -d "\"" -f 6 | sort | uniq

Which had returned:

GbPlugin
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.1; InfoPath.2)
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.2)
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.2)
Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2)
Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; InfoPath.2; OfficeLiveConnector.1.3; OfficeLivePatch.0.0)
Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Chrome/10.0.648.204 Safari/534.16
Mozilla/5.0 (X11; U; Linux x86_64; en-US) AppleWebKit/534.16 (KHTML, like Gecko) Ubuntu/10.04 Chromium/10.0.648.133 Chrome/10.0.648.133 Safari/534.16


So... nobody is using IE6. Good!

Comments

Popular posts from this blog

More trickery with gnuplot dumb terminal

In my post "Plotting memory usage on console" the chart doesn't pan the data.
Now, using a named pipe, the effect got a little bit nicer.
First, we have to run the memUsage.sh script to get a file filled with memory usage info:
./memUsage.sh > memUsage.dat &
Then we have to create a named pipe:
mkfifo pipe
Now we have to run another process to tail only the last 64 lines from the memUsage.dat
while [ 1 ]; do tail -64 memUsage.dat> pipe; done &
And now we just have to plot the data from the pipe:
watch -n 1 'gnuplot -e "set terminal dumb;p \"pipe\" with lines"'
And that is it!

uSleep on windows (win32)

I am facing a terrible issue regarding timing on windows.

Googling arround, I've found those infos:
Using QueryPerformanceCounter and QueryPerformanceFrequency APIs in Dev-C++
(http://yeohhs.blogspot.com/2005/08/using-queryperformancecounter-and_13.html)
QueryPerformanceCounter() vs. GetTickCount()
http://www.delphifaq.com/faq/delphi_windows_API/f345.shtml
How to time a block of code
http://www.cryer.co.uk/brian/delphi/howto_time_code.htm
And Results of some quick research on timing in Win32 http://www.geisswerks.com/ryan/FAQS/timing.html
With that I'm trying to write something like a uSleep function for windows:


#include<windows.h>

voiduSleep(int waitTime){
__int64 time1 = 0, time2 = 0, sysFreq = 0;

QueryPerformanceCounter((LARGE_INTEGER *)&time1);
QueryPerformanceFrequency((LARGE_INTEGER *)&freq);
do{
QueryPerformanceCounter((LARGE_INTEGER *)&time2);

// }while((((time2-time1)*1.0)/sysFreq)<waitTime);
}while( (time2-time1) <waitTime);
}

There is also already a nanosleep…

Checking auth.log for ssh brute force attacks

As I am letting my personal computer always on, as a homelinux server, I decided to check if someone is trying to breaking in with SSH brute force attacks.

First I did a grep for fail at the /var/log/auth.log. (grep -i /var/log/auth.log)

And I got lots of lines with the string "fail". With [grep -i /var/log/auth.log | wc -l] I figured out that were 1164 fail entries at auth.log

With an [grep -i fail auth.log | cut -d " " -f 6 | sort | uniq] I checked that were two kind of failed attempts:
Failed
pam_unix(sshd:auth):

So I wrote the following line to check with which users they were attempting to log:
grep Failed auth.log | cut -d " " -f 11 | sort | uniq | while read line ; do echo -n $line" "; grep $line auth.log | wc -l; done | sort -n -k 2

Here, the field position (the number 11 at the above command lines [-f 11]) may change in some systems. At my desktop at work, the username came at the position 9.

Here are the "top ten":
root 2922
user 2884