[Dshield] perl auto-responder script

Johannes B. Ullrich jullrich at euclidian.com
Fri Oct 19 03:39:57 GMT 2001

Hash: SHA1

Quick note... This email triggered a lot of anti virus scanners in mail
servers due to the filename of the script. I took a quick look at the code
and it does not look in anyway malicious.

However: Don't forget your 'safe computing' rules. You should not run a
script you receive on any list without doing some review of it first ;-).

> Someone may have already posted something like this, and I just missed it.
> But, here's a replacement for root.exe that e-mails administrator on the
> machine that is scanning for it.  It's written in perl and meant to run from
> Unix/Apache.  I put it on my Apache servers to run in response to scans
> which attempt to run the real root.exe.  So, if e-mail works - then an e-mail
> is sent asking the Administrator of the scanning machine to please stop.

- -- 
- -------
jullrich at sans.org                    Join http://www.DShield.org
                          Distributed Intrusion Detection System

Version: GnuPG v1.0.6 (GNU/Linux)
Comment: For info see http://www.gnupg.org


More information about the list mailing list