Re: [Full-Disclosure] Tracking a virus by logging infected machines
From: morning_wood (se_cur_ity_at_hotmail.com)
Date: 09/02/03
- Previous message: Marcus Graf: "Re: [Full-Disclosure] Tracking a virus by logging infected machines"
- In reply to: Marcus Graf: "Re: [Full-Disclosure] Tracking a virus by logging infected machines"
- Next in thread: Joel R. Helgeson: "Re: [Full-Disclosure] Tracking a virus by logging infected machines"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "Marcus Graf" <m.graf@firmenwelt.de>, <full-disclosure@lists.netsys.com> Date: Tue, 2 Sep 2003 00:04:04 -0700
> I don't think that it would be very helpful. Many of the unsecured
> machines where the virus will be successful are private PCs with a
> dialup internet access and are changing their IPs in short intervals.
> IMHO your IP list would be worthless within some hours or even some
> minutes.
>
try a non trojan ( no backdoor ) cgi notifer available at
http://illmob.org/files/cginotify3.zip
this reports both wan / lan at startup posting to an online notification
via a cgi ( perl ) script. includes password protection for the list.
morning_wood
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Marcus Graf: "Re: [Full-Disclosure] Tracking a virus by logging infected machines"
- In reply to: Marcus Graf: "Re: [Full-Disclosure] Tracking a virus by logging infected machines"
- Next in thread: Joel R. Helgeson: "Re: [Full-Disclosure] Tracking a virus by logging infected machines"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
