Code Red capture tool

From: Stephen Friedl (friedlat_private)
Date: Wed Aug 01 2001 - 20:11:04 PDT


    This is probably a little late, but those that want to watch the worm
    while it wanders might care to use a little tool I've written.  Running on
    a Linux machine with an alias for every otherwise-unused IP address on
    a (small) block, it listens on port 80 and logs the source/destination
    and a bit of the URL fetched. Written in Perl, it can be found with a
    small writeup at http://www.unixwiz.net/tools/websnarf.html
    
    On my /27 it's recording about 30 per hour.
    
    Steve
    
    Mod: dump this if too late to be interesting.
    
    --- 
    Stephen J Friedl | Software Consultant | Tustin, CA |   +1 714 544-6561
    www.unixwiz.net  | I speak for me only |   KA8CMY   | steveat_private
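
The kind of listener the message describes, as an added example in Python: it is not websnarf's code (which is Perl) and not part of the original post. The function names, the 60-character cut-off and the log layout are assumptions; the local address is read from the accepted socket so one listener covers every aliased IP.

```python
import socket
import threading
import time

MAX_URL = 60  # assumption: how much of the request line to keep per entry


def summarize(raw: bytes, limit: int = MAX_URL) -> str:
    """Return the first request line, safe to write as a single log line."""
    line = raw.split(b"\n", 1)[0].rstrip(b"\r")
    # Replace control and non-ASCII bytes so a probe cannot forge log entries
    # or send terminal escape sequences to whoever reads the log.
    text = "".join(c if 32 <= ord(c) < 127 else "." for c in line.decode("latin-1"))
    return text[:limit] + ("..." if len(text) > limit else "")


def format_entry(src, dst, raw: bytes) -> str:
    """Build 'time source -> destination request' for one connection."""
    stamp = time.strftime("%Y-%m-%d %H:%M:%S")
    return f"{stamp} {src[0]}:{src[1]} -> {dst[0]}:{dst[1]} {summarize(raw) or '[empty]'}"


def handle(conn, src, log):
    """Read at most 1 KiB from one probe, log it, and close without replying."""
    with conn:
        conn.settimeout(5)           # do not let a silent client hold a thread
        dst = conn.getsockname()     # which local alias address was probed
        try:
            raw = conn.recv(1024)
        except OSError:              # timeout or reset: log the bare connection
            raw = b""
        log(format_entry(src, dst, raw))


def serve(host="0.0.0.0", port=80, log=print):
    """Accept on every local address; binding to port 80 needs privileges."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
        srv.bind((host, port))
        srv.listen(64)
        while True:
            conn, src = srv.accept()
            threading.Thread(target=handle, args=(conn, src, log), daemon=True).start()


if __name__ == "__main__":
    serve()
```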
    