Good Evening,
Ive written a Perl script called Riplog-v4.pl which will check for a
slew of known http based exploits in your logfiles and report back with
a dump.out file while printing requests to the local term. What makes
this program nice is that it will mount the smb C$ share and check your
NT webserver logfiles, which could be run by a little cron job nightly
off a network bsd / linux box, You also can check a local set of
Logfiles by issueing the argument in the command line. The
vulnerabilties are defined inside the local array which can be modified.
Add or Remove exploit strings from it.
I hope you find this tool useful. If you have any questions please
feel free to email me at cdownsat_private
http://www.nhinfosec.com/dsbelile/downloads/security/riplog-v4.pl
http://cdowns.angrypacket.com
->under 'Monitoring Logfiles on an NT Server'
Enjoy ~!
Sincerely,
~>D
This archive was generated by hypermail 2b30 : Fri Nov 02 2001 - 10:13:35 PST