Koozali.org: home of the SME Server

Code Red Warn

Alexie

Code Red Warn
« on: August 11, 2001, 04:15:07 PM »
Code Red Warn is a Perl script that tries to address the main problem with the Code Red worm, being that most people don't know they've been hit. It does this by watching Apache logfiles, and sending a "You've been hit" e-mail when a Code Red infected site first sends an attack.

Download here: http://www.zbox.dk/download.php?op=geninfo&did=25

NB: I think this one is a good idea..
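The log-watching idea described in this post, as an added example that is not the Code Red Warn script and not part of the original post: it scans Apache access-log lines for the widely reported Code Red request signature (a `GET /default.ida?` request followed by a long run of `N`, or `X` for Code Red II) and records only the first hit per source host, which is the point at which a notification would go out. The function name, the 100-character filler threshold and the log lines are assumptions constructed for the example.

```python
import re

# Apache common log format: host ident user [time] "request" status bytes
LOG_RE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "([^"]*)" (\d{3}) (\S+)')
# Code Red probes ask for /default.ida with a long filler run in the query
# string: N for the original worm, X for Code Red II. The 100-character
# minimum is an assumption chosen to avoid matching ordinary queries.
CODERED_RE = re.compile(r'^GET /default\.ida\?([NX])\1{99,}')


def first_hits(lines):
    """Return {host: (timestamp, variant)} for each host's first probe."""
    seen = {}
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # malformed or truncated line
        host, when, request = m.group(1), m.group(2), m.group(3)
        sig = CODERED_RE.match(request)
        if sig and host not in seen:
            variant = "Code Red" if sig.group(1) == "N" else "Code Red II"
            seen[host] = (when, variant)
    return seen


# Constructed sample log lines (documentation address ranges, not real hosts).
N_RUN, X_RUN = "N" * 224, "X" * 224
SAMPLE_LOG = [
    '198.51.100.7 - - [11/Aug/2001:15:59:40 +0000] "GET /index.html HTTP/1.0" 200 1043',
    f'192.0.2.10 - - [11/Aug/2001:16:01:02 +0000] "GET /default.ida?{N_RUN} HTTP/1.0" 404 276',
    f'192.0.2.10 - - [11/Aug/2001:16:07:55 +0000] "GET /default.ida?{N_RUN} HTTP/1.0" 404 276',
    f'203.0.113.5 - - [11/Aug/2001:16:09:13 +0000] "GET /default.ida?{X_RUN} HTTP/1.0" 404 276',
    '198.51.100.7 - - [11/Aug/2001:16:10:00 +0000] "GET /default.ida?foo=bar HTTP/1.0" 404 276',
    'truncated line without a request field',
]

if __name__ == "__main__":
    for host, (when, variant) in first_hits(SAMPLE_LOG).items():
        print(f"{host}: first {variant} probe at {when}")
```

The repeat request from 192.0.2.10 is ignored, so each source is reported once however often it probes.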

David

Re: Code Red Warn
« Reply #1 on: August 11, 2001, 08:57:20 PM »
I've been using for the past 12 hrs the following Java application from (http://www.dynwebdev.com/codered/). I've had to do some funky IP forwarding, but it seems to be working. Since I didn't have any luck installing the Java JRE on e-smith, I forward any attempts to access my IP directly to my Windows machine and have it deal with the attacks and send the offending IIS a message. Out of 100 hits I've been able to send back 30 messages.

If the Perl script from the above could do something in the same way as the Java app, it would really get their attention. Since it's a little harder to guess if they are using any of the defined user names for emails.

David

Re: Code Red Warn
« Reply #2 on: August 12, 2001, 08:35:52 AM »
Any idea why I'm getting the following error when trying to run the script?

[root@e-smith coderedwarn]# . coderedwarn
bash: =me@email.com: command not found
bash: =/var/log/httpd/access_log: No such file or directory
bash: =/home/e-smith/files/ibays/ftps/files/java/coderedwarn/response.txt: No such file or directory
bash: @addresses_to_email=(postmaster, webmaster, help, abuse,
support, root): command not found
bash: =/usr/sbin/sendmail: No such file or directory
bash: coderedwarn: line 33: syntax error near unexpected token {'
bash: coderedwarn: line 33: if ($pid = fork) {'

roger

Re: Code Red Warn
« Reply #3 on: August 12, 2001, 03:26:26 PM »
Looks like your script is being executed as a bash script, not a perl script.

David

Re: Code Red Warn
« Reply #4 on: August 12, 2001, 07:27:45 PM »
The script does have the following at the beginning:

#!/usr/bin/perl