[Dshield] Code Red Data Collection.

Tim Winders twinders at SPC.cc.tx.us
Thu Aug 2 02:48:37 GMT 2001


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I like that idea!  Anybody up for it???

     **********************************************
        Tim Winders, MCSE, CNE, CCNA
        Associate Dean of Information Technology
        South Plains College
        Levelland, TX  79336

        Phone:	806-894-9611 x 2369
        FAX:	806-894-1549
        Email:	TWinders at SPC.cc.tx.us
     **********************************************


On Wed, 1 Aug 2001, Joseph Shraibman wrote:

> Perhaps a cgi could be created that would send a mail to dshield every
> time someone tried to access default.ida?
>
> Johannes B. Ullrich wrote:
>
> > Ok. I try to kick up ISP notification for this beast 'up a notch'.
> > As in this case, regular web server access logs make a great IDS,
> > I set up a special DShield import system for them.
> >
> > If you mail relevant log lines to 'redalert at dshield.org' they will
> > be processed by this separate system. The idea is to come up with
> > a list of IPs and notify ISPs/hosting providers of it once a day
> > or so.
> >
> > Please indicate in the subject line what kind of web server was
> > used to collect the log.
> >
> > Here is the one-line Unix shell script to submit logs:
> >
> > grep 'default.ida?NNNNN' *access_log | mail -s 'APACHE' redalert at dshield.org
> >
> > Please spread the word ;-)
> >
> >   Johannes.
> >
> >
> >
>
>
> --
> Joseph Shraibman
> jks at selectacast.net
> Increase signal to noise ratio.  http://www.targabot.com
>
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (OSF1)
Comment: Made with pgp4pine 1.76

iEYEARECAAYFAjtov4gACgkQTPuHnIooYbyCxgCeLksVpJk6Q3hYGR9pZPZAvwoN
NMUAn2lZGK7BwOGaqEK3svzDgGlbv2y9
=Y3W8
-----END PGP SIGNATURE-----
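
A more selective take on the one-line grep quoted above, as an added example that is not part of the original message or of DShield's own tooling: it matches only requests whose URI starts with `/default.ida?NNNNN` and summarises them per source address. It assumes Apache common log format; the function names, sample log lines and addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: per-source summary of default.ida probes in a web access log.
# Assumption: Apache common/combined log format (client address is field 1,
# timestamp is field 4, request line is the first double-quoted string).

# Constructed sample log (documentation addresses, shortened request strings).
sample_log() {
    cat <<'EOF'
192.0.2.10 - - [02/Aug/2001:02:10:01 +0000] "GET /default.ida?NNNNNNNNNNNNNNNNNNNN HTTP/1.0" 404 276
198.51.100.7 - - [02/Aug/2001:02:11:15 +0000] "GET /index.html HTTP/1.0" 200 1043
192.0.2.10 - - [02/Aug/2001:02:14:40 +0000] "GET /default.ida?NNNNNNNNNNNNNNNNNNNN HTTP/1.0" 404 276
203.0.113.5 - - [02/Aug/2001:02:15:02 +0000] "GET /default.ida?NNNNNNNNNNNNNNNNNNNN HTTP/1.0" 404 276
198.51.100.7 - - [02/Aug/2001:02:16:00 +0000] "GET /docs/default.ida.html HTTP/1.0" 200 512
EOF
}

# Print "hits first_seen last_seen address" per source, busiest first.
# Reads the named log files, or standard input when none are given.
codered_sources() {
    awk '
    {
        n = split($0, q, "\"")          # q[2] is the quoted request line
        if (n < 3) next                 # malformed line: no request field
        split(q[2], req, " ")           # method, URI, protocol
        # Match on the URI itself, so a page that merely contains
        # "default.ida" in its name is not counted.
        if (req[2] !~ /^\/default\.ida\?NNNNN/) next
        ip = $1
        ts = $4; sub(/^\[/, "", ts)     # drop the leading bracket
        if (!(ip in hits)) first[ip] = ts
        hits[ip]++
        last[ip] = ts
    }
    END {
        for (ip in hits)
            printf "%d %s %s %s\n", hits[ip], first[ip], last[ip], ip
    }' "$@" | sort -k1,1nr -k4,4
}
```

Run it as `codered_sources *access_log` to review the sources and time window before submitting the matching lines.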




