Auditing NT and UNIX Webserver Logfiles

From: Cdowns (cdowns@skillsoft.com)
Date: Tue Oct 30 2001 - 18:56:41 PST

Next message: Guile cool: "Ipv6 Port scanner - Ipv6 DoS by Guilecool and Nyo - The ImperialS"

Previous message: Ofir Arkin: "Xprobe 0.0.2 Released"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Good Evening,
    Ive written a Perl script called Riplog-v4.pl which will check for a
slew of known http based exploits in your logfiles and report back with
a dump.out file while printing requests to the local term. What makes
this program nice is that it will mount the smb C$ share and check your
NT webserver logfiles, which could be run by a little cron job nightly
off a network bsd / linux box, You also can check a local set of
Logfiles by issueing the argument in the command line. The
vulnerabilties are defined inside the local array which can be modified.
Add or Remove exploit strings from it.

    I hope you find this tool useful. If you have any questions please
feel free to email me at cdowns@slartibartfast.angrypacket.com.

http://www.nhinfosec.com/dsbelile/downloads/security/riplog-v4.pl
http://cdowns.angrypacket.com

->under 'Monitoring Logfiles on an NT Server'

Enjoy ~!

    Sincerely,
        ~>D

application/x-perl attachment: riplog-v4.pl

Next message: Guile cool: "Ipv6 Port scanner - Ipv6 DoS by Guilecool and Nyo - The ImperialS"
Previous message: Ofir Arkin: "Xprobe 0.0.2 Released"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Nov 02 2001 - 10:13:35 PST