[svlug] tracking an errant web client

Rick Kwan kwanrj03 at comcast.net
Fri Sep 17 07:04:59 PDT 2004


Summary:  I'm trying to track down someone's errant web client; it
may be someone I know whose machine is behaving strangely.

Details...

I'm looking at an Apache weekly "error_log" file.  Of 2000 entries
in there, about 1000 come from the same client IP address.  Given
the nature of the filenames requested, I suspect the client machine
either belongs to someone I know or someone with similar professional
interests (outside of computing).  (Or possibly, some crawler is
going nuts.)

The web client seems to be doing permutations of interesting
filenames, but looking for them in subdirectories named for certain
organizations, including the site's and possibly the person's
employer.

The simplistic approaches of pinging the client or telnet to port
80 do not get any response.

Any suggestions for figuring out what company or ISP this address
belongs to?  If I can get that far, I might be able to narrow it
down to the person's machine by discreetly asking around.

--Rick Kwan
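
An added example, not part of the original post: a Python script that tallies error_log entries per client and lists, for each client, which filenames were requested under which subdirectory, which is the pattern the message describes. The log lines, addresses, paths and the `docroot` value are constructed, and the line layout assumed is the Apache 1.3/2.0 error_log format.

```python
import re
from collections import Counter, defaultdict
from pathlib import PurePosixPath

# Constructed sample in the Apache 1.3/2.0 error_log layout; addresses are
# documentation ranges and the paths are made up for illustration.
SAMPLE_LOG = """\
[Mon Sep 13 09:12:01 2004] [error] [client 192.0.2.44] File does not exist: /var/www/html/acme/minutes.html
[Mon Sep 13 09:12:02 2004] [error] [client 192.0.2.44] File does not exist: /var/www/html/acme/minutes.htm
[Mon Sep 13 09:12:03 2004] [error] [client 192.0.2.44] File does not exist: /var/www/html/examplesoc/minutes.html
[Mon Sep 13 09:12:05 2004] [error] [client 192.0.2.44] File does not exist: /var/www/html/examplesoc/newsletter.html
[Mon Sep 13 10:40:17 2004] [error] [client 198.51.100.7] File does not exist: /var/www/html/favicon.ico
[Tue Sep 14 03:02:55 2004] [notice] caught SIGTERM, shutting down
"""

# Assumed layout: [timestamp] [level] [client ADDR] message
LINE_RE = re.compile(
    r"^\[(?P<when>[^\]]+)\] \[(?P<level>\w+)\] "
    r"\[client (?P<client>[^\]]+)\] (?P<msg>.*)$"
)
MISSING_PREFIX = "File does not exist: "

def summarize(log_text, docroot="/var/www/html"):
    """Return (entries per client, {client: {subdirectory: set of file stems}})."""
    per_client = Counter()
    probes = defaultdict(lambda: defaultdict(set))
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:  # server notices and the like carry no client field
            continue
        client = m["client"]
        per_client[client] += 1
        if not m["msg"].startswith(MISSING_PREFIX):
            continue
        path = PurePosixPath(m["msg"][len(MISSING_PREFIX):])
        try:
            rel = path.relative_to(docroot)
        except ValueError:  # path lies outside the assumed docroot
            continue
        subdir = rel.parts[0] if len(rel.parts) > 1 else "."
        probes[client][subdir].add(rel.stem)  # stem folds .htm/.html variants
    return per_client, probes

if __name__ == "__main__":
    counts, probes = summarize(SAMPLE_LOG)
    for client, n in counts.most_common():
        print(f"{client}: {n} of {sum(counts.values())} entries")
        for subdir, stems in sorted(probes[client].items()):
            print(f"  {subdir}/: {', '.join(sorted(stems))}")
```

To run it against a real log, pass the file's contents to `summarize()` with the server's actual document root.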




