Security Incidents mailing list archives

Previous By Date Next
Previous By Thread Next

a suggestion

From: "Raistlin" <raistlin () gioco net>
Date: Sun, 5 Aug 2001 21:55:21 +0200
If you are scanning your apache error log files for the IDA / Red Code worm,
you may want to use something like:

in /var/log/httpd

cat *err.log | grep 'default.ida' | awk '{print $8 " " $1 " " $2 " " $3 " "
$4 " " $5}' | sed s/[][]/" "/g > myreport.txt

It's rude but functional.

Stefano "Raistlin" Zanero
System Administrator Gioco.Net
public PGP key block at http://gioco.net/pgpkeys

P.S. Thanks Kallisti and Clooney :P


----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
Previous By Date Next
Previous By Thread Next

Current thread: