Comment Re:Only the beginning (Score 1) 236
You can check if you've been scanned for exploitable CGIs using something like (adjust apache logs path accordingly):
grep cgi
Thanks for the nice grep work - found one attempt to get my box to rat itself out via ping:
/var/log/apache2/access.log:89.207.135.125 - - [25/Sep/2014:03:52:14 -0500] "GET
Fortunately I was patched several hours prior to that.
Would there be any way for that probe to execute against a static 404 page - no cgi executing?
yep: