The apache stop menu item in Backtrack Linux accomplishes one goal which is to stop the Apache web server. The previous article for apache start would have been enough to explain the basics to anyone using Apache on Backtrack Linux but since my goal is to write an article for every menu item and every tool within Backtrack here is the one for apache stop.
Backtrack Linux offers a lot to people of all skill sets and I really appreciate the thought that the developers have put behind making this a operating system platform that is friendly to all. In my experience there are penetration testers or information security enthusiasts of all levels and having Backtrack as a platform to learn from is great. The apache start menu item in Backtrack simply starts the Apache web server and is explained in more detail below.
Earlier while analyzing a Linux server it was pointed out to me that the Apache logs were filling up with constant connections requesting domains that were not configured on the server. To me it looked as if a load balancer somewhere was misconfigured and sending traffic to our IP address by mistake but I needed to open a ticket with the colocation provider to have them look into the issue further since the network in this case is not something I have any control over. Below is a quick Linux command that will output a list of IP addresses making port 80 connections to your server.
While working on a server farm for a client I kept running into some issues with one of the servers. The issue appeared to be a single CentOS Linux server in a cluster of ten CentOS Linux servers configured exactly the same as the other nine CentOS Linux servers was having issues writing to a network storage device. Initially I figured that the CentOS Linux server having the issues had some permission issues with the directory that was mounted to the SAN (Storage Area Network) however after minimal troubleshooting it was verified that the permissions were identical to the other servers. I started looking through other logs on the server having the issue and located some SELinux errors that were noticeably related to the issue at hand. Below I describe where the SELinux error was located, what the specific errors were, and how I was able to resolve the errors on this specific CentOS Linux server.
If you performed a default install of ModSecurity but never modified the configuration or completed any other steps the chances are that you are not logging any ModSecurity items. Typically you just need to add a directory structure with the proper permissions and then ModSecurity will do the rest as far as generating the files themselves.