From: aleph1at_private
Date: Tue Oct 09 2001 - 21:19:46 PDT

  • Next message: aleph1at_private: "Reptor 1.0" 1.7
      by Viraj Alankar (
      Saturday, October 6th 2001 19:25
    Categories: Internet :: Log Analysis, Security, System :: Networking ::
    About: is a small script that, when given syslogs generated by
    snort or other tools, can generate an incident report for events that
    appear to be attempted security attacks, gather information on the remote
    host, and report the attack to the appropriate administrators. 
    Changes: 2 AU whois servers have been added, 'changed:' lines from whois
    are now ignored unless no other contacts are found, and MX lookups are now
    performed before whois to find the likely domain more quickly. A few more
    whois server error messages are handled properly, and timeouts/retries for
    whois are now configurable. Some other minor bugfixes and code cleanups
    were also done.
    License: GNU General Public License (GPL)
    Elias Levy
    Si vis pacem, para bellum

    This archive was generated by hypermail 2b30 : Tue Oct 09 2001 - 21:42:23 PDT