How to use LogChekker

Here is detailed information on how to use LogChekker.

If you find that your log files are not being read by LogChekkerLite, you can send me some lines from your log files from within LogChekkerLite.
NB: Does not apply when downloading the jar file for Mac/Linux users.

Note: Pictures may differ from the current version!

Log files in this format:

Tuesday August 29, 2006 22:27:54 Unrecognized attempt blocked from xxx.xxx.xxx.xxx:1658 to xxx.xxx.xxx.xxx TCP:135

should use the SMC router choice (DEFAULT).

(The file used here is a test file!)


Just type in any port number or a specific IP address and push the open button (or hit the enter key).

(The port list is generated in the registered version of LogChekker)

This is the valid port number list, which is generated on your first search of the log file. If you have more than one log file, you can open the Make menu and choose to make a new port list for the new log file you select. Should you happen to close the port list, you can retrieve it by going to the Edit menu and choosing show port list. The number 652 is the total number of different ports in that log file. As you can see, the first search is rather slow.

Ordinary search completed

Ordinary search.

LogChekker fast port search enabled

And with fast port search enabled. It might not be of much use any more, but for now it is being kept.

Select IP address and push IP info button
(works only in the registered version of LogChekker)

After the file is searched, you can select any of the IP addresses (or port numbers) by double-clicking, then press the copy/paste button to put the selected text in the search box and search again to see if there are more unrecognized attempts from that specific IP address. Alternatively, you can press the IP button and hopefully get some information about it.

Result from Whois look up
WHOIS look up (works only in the registered version of LogChekker)

This, or something similar, is what you get back from the IP info button if you are lucky (you have to be connected to the internet to get the information). This gives you all the information you need about the ones that are trying to connect to your computer, and which ISP they use. Most likely it is from virus-infected computers which are repeatedly hitting computers with hack attempts, but you should still notify their ISP.

ISP net range
(works only in the registered version of LogChekker)

After you have checked an IP address, you can hit the ISP button to find all incidents from that ISP (Internet service provider) within that net range.

ISP net range full text
(works only in the registered version of LogChekker)

ISP block full text with date and timestamp

ISP net range sorted full text
(works only in the registered version of LogChekker)

ISP block sorted full text with date and timestamp

IP address quick search

On any IP address, you can double-click to mark it, then right-click with the mouse and select quick search.

Quick search result

After a short time the result comes back and you can see if there are more incidents from the selected ip address.

IP search result

If you then select the IP address again and push the copy/paste button to place the IP address in the search field, you can see, once the new search is done, which other port numbers that specific IP address was blocked on.

Full text IP result
The save button will save a file named SavedLog.txt in the directory where you have put LogChekkerLite.

And with the complete line of text.

In the registered version you can save anywhere you want and have the choice of saving in either browser format (htm) or Notepad format (txt).

Saved port search

Saved *.html port search.

Saved IP address search

Saved *.html IP address search.

Saved ISP block search

Saved *.html ISP block search.

Saved ISP block full text specific search

Saved *.html ISP block full text search with specific date set.

All IP's no limit set
(works only in the registered version of LogChekker)

If you would like to see how many hits there have been to the machine, you can push the ALL IP button.

All IP's with limit set
(works only in the registered version of LogChekker)

Or, if you want to go directly to the IP addresses that have the most attempts against your machine, you can set the limit and see only the ones that are over that limit.

Options dialog
From the router tab you have 2 choices, SMC and D-Link (for the time being), and in the Language choice tab there are Norwegian or English to choose from.

You will find this one in the edit options menu, and the settings shown are the defaults.

Below is only for Pro version

Pro version select IP address

Select the IP address and push the IP info button.

After Whois look up has returned

After you have gotten the answer from the Whois look up, you push the ISP button.

Showing ISP net range

And when you have gotten your answer from the ISP button, you can push the generate report button.

Who is going to be included in the report

You then have the option to select the limit of who is going to be in the report (Default is 50).

LogChekker report is generated

After the report is generated, you push the show report button to view the report. At the top of the report is a link table, and pushing any of the links will move the page to that position (to get back, you push the count number). Above the link table you will hopefully see one or more e-mail addresses (if any are included in the Whois look up).

Sending mail to the ISP

When you push the e-mail address you will be taken here. The information about the attached file will be included in the e-mail. You will have to provide a valid e-mail address to be able to send the e-mail. You then type your message and push the send button.

US Date and time patterns

The following examples show how date and time patterns are interpreted in the U.S. locale. The given date and time are 2001-07-04 12:08:56 local time in the U.S. Pacific Time time zone. Example taken from the Java API.

Date and Time Pattern             Result
"yyyy.MM.dd G 'at' HH:mm:ss z"    2001.07.04 AD at 12:08:56 PDT
"EEE, MMM d, ''yy"                Wed, Jul 4, '01
"h:mm a"                          12:08 PM
"yyyyy.MMMMM.dd GGG hh:mm aaa"    02001.July.04 AD 12:08 PM
"EEE, d MMM yyyy HH:mm:ss Z"      Wed, 4 Jul 2001 12:08:56 -0700
"yyyy-MM-dd'T'HH:mm:ss.SSSZ"      2001-07-04T12:08:56.235-0700

Other Date and Time Pattern

Date and Time Pattern            Result
EEE MMM dd HH:mm:ss yyyy         Mon Oct 31 16:48:04 2005
EEEE, dd. MMMM yyyy HH:mm:ss     Freitag, 1. Oktober 2004 01:16:25
yyyy. MMMM dd. HH:mm:ss          2005. december 23. 18:05:23
dd/MM/yyyy h:mm:ss a             17/08/2006 2:29:49 PM
EEEE MMMM dd, yyyy HH:mm:ss      Tuesday August 29, 2006 22:27:51
EEEE, MMMM dd, yyyy HH:mm:ss     Monday, August 01, 2006 22:53:39
EEEE, dd. MMMM, yyyy HH:mm:ss    Monday, 27. August, 2006 23:24:41
EEEE, MMM dd, yyyy h:mm:ss a     Saturday, May 13, 2006 2:46:11 PM
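
The following Java program is an added example, not LogChekker's own code: it reads lines in the SMC format shown earlier with the `EEEE MMMM dd, yyyy HH:mm:ss` pattern from the table above and lists the source IPs with more hits than a limit, as the ALL IP view describes. The class name, the regular expression, the UDP alternative, the sample lines and the limit value are assumptions of this example.

```java
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.*;
import java.util.regex.*;

public class SmcLogTally {
    // Layout follows the SMC sample line on this page; the regex and the UDP
    // alternative are assumptions of this example.
    static final Pattern LINE = Pattern.compile(
        "^(\\w+ \\w+ \\d{1,2}, \\d{4} \\d{2}:\\d{2}:\\d{2}) Unrecognized attempt blocked from "
        + "(\\d{1,3}(?:\\.\\d{1,3}){3}):(\\d+) to (\\d{1,3}(?:\\.\\d{1,3}){3}) (TCP|UDP):(\\d+)$");

    public static void main(String[] args) {
        // Constructed sample lines using documentation address ranges.
        String[] log = {
            "Tuesday August 29, 2006 22:27:54 Unrecognized attempt blocked from 203.0.113.7:1658 to 192.0.2.10 TCP:135",
            "Tuesday August 29, 2006 22:28:03 Unrecognized attempt blocked from 203.0.113.7:1702 to 192.0.2.10 TCP:445",
            "Tuesday August 29, 2006 22:31:40 Unrecognized attempt blocked from 198.51.100.23:4021 to 192.0.2.10 TCP:135",
            "Wednesday August 30, 2006 01:05:12 Unrecognized attempt blocked from 203.0.113.7:1811 to 192.0.2.10 TCP:135",
            "this line is not in the SMC format"
        };
        // Pattern from the "Other Date and Time Pattern" table; a fixed locale
        // keeps English day and month names parseable on any machine.
        SimpleDateFormat fmt = new SimpleDateFormat("EEEE MMMM dd, yyyy HH:mm:ss", Locale.US);
        int limit = 2; // hypothetical threshold: report sources with more hits than this
        Map<String, Integer> hits = new TreeMap<>();
        Map<String, Set<String>> ports = new HashMap<>();
        Map<String, Date> lastSeen = new HashMap<>();
        int skipped = 0;
        for (String line : log) {
            Matcher m = LINE.matcher(line.trim());
            if (!m.matches()) { skipped++; continue; }   // wrong router format or damaged line
            Date when;
            try { when = fmt.parse(m.group(1)); }
            catch (ParseException e) { skipped++; continue; }  // timestamp not in this pattern
            String src = m.group(2);
            hits.merge(src, 1, Integer::sum);
            ports.computeIfAbsent(src, k -> new TreeSet<>()).add(m.group(5) + ":" + m.group(6));
            lastSeen.merge(src, when, (a, b) -> a.after(b) ? a : b);
        }
        for (Map.Entry<String, Integer> e : hits.entrySet()) {
            if (e.getValue() <= limit) continue;          // keep only sources over the limit
            System.out.println(e.getKey() + " hits=" + e.getValue()
                + " ports=" + ports.get(e.getKey()) + " last=" + fmt.format(lastSeen.get(e.getKey())));
        }
        System.out.println("unparsed lines: " + skipped);
    }
}
```

Counting the unparsed lines matters here: a log written with a different date pattern or router format would otherwise be skipped silently and the tally would look clean.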


To see the differences between versions, take a look at the ProgramInfo page.

To try it out, download the Lite version for Windows or for Mac/Linux users. If you have already tried it out, you may prefer the Standard version ($15 USD per lifetime license) or the Pro version ($25 USD per lifetime license).


Or if you prefer PayPal you can get LogChekker Standard here

You will get 20% off the Standard version by buying LogChekker from PayPal