12 lines
452 B
Plaintext
12 lines
452 B
Plaintext
Scan Apache log files for CodeRed, Nimda, FormMail, proxy scanners and
|
|
other malicious probes. For each one found, track down the contact email
|
|
from WHOIS data and send a notice. Built-in rate controls prevent flooding
|
|
an admin even when his machines are scanning at high rates. Runs as a
|
|
non-privileged cron job to not interfere with the HTTP daemon's operation.
|
|
|
|
WWW: http://web.cs.cmu.edu/~dpelleg/hunch.html
|
|
|
|
-- Dan Pelleg
|
|
|
|
daniel+hunch@pelleg.org
|