1 |
On Mon, Aug 06, 2001 at 09:13:23PM -0600, Parag Mehta wrote: |
2 |
|
3 |
> fgrep ".ida?XXXXX" /var/log/apache/access_log | \ |
4 |
> cut -d" " -f1,4,5 | \ |
5 |
> sed -e 's/[][]//g' > aris.txt |
6 |
> |
7 |
> Mail to : |
8 |
> subjects: "ARIS Infection Report from httpd access_log" |
9 |
> email id : aris-report@×××××××××××××.com |
10 |
> |
11 |
> [Line may have wrapped] |
12 |
> |
13 |
> This would work on a gentoo system. Please use the appropriate path |
14 |
> to your Apache logfile for other systems and you can pipe the output to mail command. |
15 |
|
16 |
To make this information useful to securityfocus, you should also specify that |
17 |
requests from these IPs matched the ".ida?XXXXX" pattern. |
18 |
|
19 |
-- |
20 |
Daniel Robbins <drobbins@g.o> |
21 |
Chief Architect/President http://www.gentoo.org |
22 |
Gentoo Technologies, Inc. |