If you are a Windows tech, you will run into Apache web server from time to time and likely be frustrated that it does not have even a basic GUI (by default) to manage it.
We recently had a client go through a security penetration test with an audit firm, and they were concerned that Apache was installed but not being by any software. What is using Apache? was the question they asked:
- Click START button
- Expand APACHE HTTP SERVER
- RIGHT CLICK on REVIEW ACCESS LOG and select MORE > OPEN FILE LOCATION
- RIGH CLICK on REIVEW ACCESS LOG shortcut and select OPEN FILE LOCATION
- Look at the path to determine what software installed Apache (and is still likely using it)
- RIGHT CLICK on ACCESS.LOG and select EDIT WITH NOTEPAD++ (or OPEN WITH whatever text editor your want)
As you can see in the screenshot above, we found that Trend Micro Security Server (Antivirus manager) was what was using Apache. We figured this out by using OPEN FILE LOCATION to get to the Apache logs.
If Apache was installed in a generic path like C:\PROGRAM FILES\APACHE, we would have had to open the ACCESS.LOG file and read through the entries to see what Apache was doing.
Note that because the Apache ACCESS.LOG file was so massive, it could not be opened by Notepad and we would use NOTEPAD++ .
0 Comments