[svlug] tracking a errant web client
kwanrj03 at comcast.net
Fri Sep 17 07:04:59 PDT 2004
Summary: I'm trying to track down someone's errant web client; it
may be someone I know whose machine is behaving strangely.
I'm looking at an Apache weekly "error_log" file. Of 2000 entries
in there, about 1000 come from the same client IP address. Given
the nature of the filenames requested, I suspect the client machine
either belongs to someone I know or someone with similar professional
interests (outside of computing). (Or possibly, some crawler is
The web client seems to be doing permutations of interesting
filenames, but looking for them in subdirectories named for certain
organizations, including the site's and possibly the person's
The simplistic approaches of pinging the client or telnet to port
80 do not get any response.
Any suggestions for figuring out what company or ISP this address
belongs to? If I can get that far, I might be able to narrow it
down to the person's machine by discretely asking around.
More information about the svlug