Seeing many people have asked. > Any chance of sharing the scripts that created those charts? I've placed the copy of my script that produced the output below at: http://www.nerdvest.com/security/get-times2.bash It's slow and inefficient, but you know it only took a few minutes to write. Developed on a OpenBSD system using the bash shell. I'm told it runs fine under other sh like shells. The script reads standard format Apache log files and outputs a list of counts for codered and nimda worm scans by hour. It has a few lines that need to be tailored for your site. It doesn't output the headers, but easily could be extended to. dd/mmm/yyyy:hh CodeRed Nimda -------------- -------------------- --------------------- 21/Sep/2001:00 /16 0 /8 0 /0 0 /16 0 /8 4 /0 4 21/Sep/2001:01 /16 0 /8 0 /0 1 /16 0 /8 4 /0 4 -- | Bryan Andersen | bryanat_private | http://www.nerdvest.com | | Buzzwords are like annoying little flies that deserve to be swatted. | | -Bryan Andersen | ---------------------------------------------------------------------------- This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com
This archive was generated by hypermail 2b30 : Sun Sep 23 2001 - 10:18:43 PDT