Apache log file scanner
Jeff Sasmor
jeff at janix.com
Mon Oct 8 11:47:08 EDT 2001
If anyone is interested in a short Python script
that'll scan their Apache web server's log files
for break-in attempts from Code Red and a few
other worms, you should check out:
http://www.netkook.com/Members/jeff/virusprobe
I decided to create this when I noticed
(for a while now) how many scans from these
worms were being made. I'm sure that most
anyone reading this newsgroup could write this
themselves, but if anyone thinks that he or she
might find it useful then they are welcome to
download and use it.
Scanning my own log files produced a 350 KB
file of results, with some IP addresses causing
~250 or more break-in attempts. One turned out
to be on the system of the hosting provider I'm
using!
--
Jeff Sasmor
jeff at sasmor.com
www.netkook.com is an "open Zope CMF site"
More information about the Python-list
mailing list