Skip to main content

Determinate what a visitor ip@ is doing in the server



  • dalem
    grep -ir 194.39.78 /var/log may give you some insight
  • cPanelLauren
    The i flag in that grep is unnecessary -i, --ignore-case Ignore case distinctions in both the PATTERN and the input files. (-i is specified by POSIX.)
    You can look at a few other specific logs to find out what that IP is accessing as well: grep -r 194.39.78 /etc/apache2/logs/domlogs/
    grep 194.39.78 /usr/local/cpanel/logs/access_logs
    How are you getting the IP output? If you're running a netstat
    command the port the IP is connecting to is also indicative of the service its using.

Please sign in to leave a comment.