CodeBlue 4

From: aleph1at_private
Date: Mon Oct 01 2001 - 14:46:34 PDT

  • Next message: aleph1at_private: "IPtables Firewall Webmin Module 0.85.1-ALPHA (Development)"

    CodeBlue 4
      by Apollyon (
      Friday, September 21st 2001 09:46
    Categories: Communications :: Email, Internet :: Log Analysis, Security,
    About: CodeBlue is an attempt to increase the awareness of hosts that are
    infected with malicious worms by scanning Apache log files and emailing the
    infected hosts with details of their infection and how to obtain help
    removing the worm. Currently, CodeBlue scans Apache logs for Code Red, Code
    Red 2, and Nimda. 
    Changes: A new -q option lets CodeBlue query the Nimda Registry at, and add each infected host to the database. Email is
    sent as highest priority. Only root can run CodeBlue now. Lots of code
    cleanups and optimizations were made. 
    License: GNU General Public License (GPL)
    Elias Levy
    Si vis pacem, para bellum

    This archive was generated by hypermail 2b30 : Mon Oct 01 2001 - 16:24:04 PDT