Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Logging Nimda/Codered/Virii attacks in separate logs' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Logging Nimda/Codered/Virii attacks in separate logs
Authored by: valmont on Nov 03, '01 06:35:00PM

I posted a how-to on my first slashdot journal entry at:

http://slashdot.org/journal.pl?op=display&uid=3573&id=1405

i've also worked on a set of shell scripts that would interact with a potential perl module described in that post, which can also be used as standalone, which basically leverages the codered/nimda backdoors to make some significant attempts to harmlessly and not too intrusively "warn" the infected hosts. It also creates a list of unique hosts as they hit you. It's kinda ugly though.



[ Reply to This | # ]