raw log files

Status
Not open for further replies.
J

jjpp12

Solid State Member
Messages
9
Hi guys, have a question about raw log files. I understand the basic breakdown of what the file can give you isp, time etc. But can they tell you what a user actually did - i.e. not just the pages they visited. Specifically say a website was edited, would the log file tell you what was edited on that page down to details of word's changed etc. Or is that information not obtainable?

If this is unclear please ask and I'll try to clarify - would really appreciate a response.
 
Unless you had access to the webpage, not that I am aware of. A keylogger could record keystrokes, or a program that records on-screen activity... both are illegal if used outside of specific environments/situations.

I can see if a mod alters a post and such as this site maintains a log of activity. This may be what you are meaning. That would fall outside of the log files of the user, but would be found in the log files of the site (if it is set up to record such activity).

Of course, I could be looking in a completely wrong direction, too.
 
Hi, thanks for the response. If the site I'm speaking about doesn't have the setup to record the activity you mention (which I guess isn't standard?) then presumably using the raw log files there isn't any way to tell more about the person than IP etc, as in you can't see what they've edited?

Trotter said:
Unless you had access to the webpage, not that I am aware of. A keylogger could record keystrokes, or a program that records on-screen activity... both are illegal if used outside of specific environments/situations.

I can see if a mod alters a post and such as this site maintains a log of activity. This may be what you are meaning. That would fall outside of the log files of the user, but would be found in the log files of the site (if it is set up to record such activity).

Of course, I could be looking in a completely wrong direction, too.
Click to expand...
 
None that I know of. If you had before and after shots/screen captures of the site you could check, or even saved copies of the source code (View > Page Source in Firefox), you could use that and look for differences.

forums, such as this one, and similar sites normally are set up to log all activity. A blog probably isn't, nor would a social networking site (like Facebook)... at least not that anyone other than Facebook could access.

Might I ask why you want to know these things?
 
Trotter said:
None that I know of. If you had before and after shots/screen captures of the site you could check, or even saved copies of the source code (View > Page Source in Firefox), you could use that and look for differences.

forums, such as this one, and similar sites normally are set up to log all activity. A blog probably isn't, nor would a social networking site (like Facebook)... at least not that anyone other than Facebook could access.

Might I ask why you want to know these things?
Click to expand...

Sure - essentially some guys I work with think a website they had built has been changed, and wants to know if they can use the raw log files to determine what it was. It's a text based site with a straightforward interface a company built for him which allows him to modify text and pages, add pictures etc. The company which built it for him told him they can't monitor any changes made etc because they didn't set it up to monitor any of these things so there isn't a way of telling when it was accessed, who by what they did etc. But they was wondering whether it is possible to do that using any combination of records available to him. They don't have anything apart from a standard hosting package and the interface which was built for them.

Thanks.
 
Have him copy the page source before he logs out and compare it whenever he logs in. If nothing else, copy and paste it into Word and see if the character count has changed to be quick and dirty about it. Someone would have to be pretty good to make the character count come out the same.
 
Trotter said:
Have him copy the page source before he logs out and compare it whenever he logs in. If nothing else, copy and paste it into Word and see if the character count has changed to be quick and dirty about it. Someone would have to be pretty good to make the character count come out the same.
Click to expand...

Ok thank you , really appreciate your help. Just to confirm, are you saying that the raw log files wouldn't tell him what changes were made? I only ask because he specifically thought this might be a way of tracking things
 
I have no idea. :D I am not familiar with the files you are talking about, at least not by that name. besides, if it is the hosting company messing with the site they can easily bypass any log.
 
Do you think something malicious has happened to the site? If you do most of the web hosts I know normally employ some form of IDS like snort they should be able to look through the logs for you.
If you are still worried post up copy's of the log's you have and I will take a look at them for you.
 
Status
Not open for further replies.

Similar threads

J
Deleting files on my iphone
Replies
2
Views
771
Joe C
Joe C
Wallaby Dan
Music files
2 3
Replies
22
Views
3K
Wallaby Dan
Wallaby Dan
B
Multiple Seagate External Drives Not Working(Windows+Mac)
Replies
2
Views
504
Joe C
Joe C
S
Would it benefit me joining Discord chat groups?
Replies
0
Views
917
Scissorman
S
grantheo
Asking for your feedback on a PHP code security scanner in beta
Replies
1
Views
890
grantheo
grantheo
Back
Top Bottom