| 1 |
On Mon, Aug 06, 2001 at 09:13:23PM -0600, Parag Mehta wrote: |
| 2 |
|
| 3 |
> fgrep ".ida?XXXXX" /var/log/apache/access_log | \ |
| 4 |
> cut -d" " -f1,4,5 | \ |
| 5 |
> sed -e 's/[][]//g' > aris.txt |
| 6 |
> |
| 7 |
> Mail to : |
| 8 |
> subjects: "ARIS Infection Report from httpd access_log" |
| 9 |
> email id : aris-report@×××××××××××××.com |
| 10 |
> |
| 11 |
> [Line may have wrapped] |
| 12 |
> |
| 13 |
> This would work on a gentoo system. Please use the appropriate path |
| 14 |
> to your Apache logfile for other systems and you can pipe the output to mail command. |
| 15 |
|
| 16 |
To make this information useful to securityfocus, you should also specify that |
| 17 |
requests from these IPs matched the ".ida?XXXXX" pattern. |
| 18 |
|
| 19 |
-- |
| 20 |
Daniel Robbins <drobbins@g.o> |
| 21 |
Chief Architect/President http://www.gentoo.org |
| 22 |
Gentoo Technologies, Inc. |
Archives