RE: [Full-Disclosure] Pattern matching search tool

From: ALD, Aditya, Aditya Lalit Deshmukh (aditya.deshmukh_at_online.gateway.expertworks.net)
Date: 01/06/05

Next message: Madison, Marc: "RE: [Full-Disclosure] Possible DNS compromise/poisoning?"

Previous message: Dave Bryan: "Re: [Full-Disclosure] Re: Bluetooth: BlueSnarf and BlueBug Full Disclusore"
In reply to: Paul Schmehl: "[Full-Disclosure] Pattern matching search tool"
Next in thread: Paul Schmehl: "RE: [Full-Disclosure] Pattern matching search tool"
Reply: Paul Schmehl: "RE: [Full-Disclosure] Pattern matching search tool"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "'Paul Schmehl'" <pauls@utdallas.edu>, <full-disclosure@lists.netsys.com>
Date: Thu, 6 Jan 2005 08:07:13 +0530

>-----Original Message-----
>From: full-disclosure-bounces@lists.netsys.com
>[mailto:full-disclosure-bounces@lists.netsys.com] On Behalf Of
>Paul Schmehl
>Sent: Thursday, January 06, 2005 02:58 AM
>To: full-disclosure@lists.netsys.com
>Subject: [Full-Disclosure] Pattern matching search tool
>
>Is anyone aware of a search tool (not Google or search engine
>aggregation
>software) that could be used to search our network for
>"interesting stuff"?
>It needs to be capable of doing pattern matching similar to
>perl's regular
>expression stuff.
>

Dear paul I think you answered your own question over here - its perl!
However there is another tool ntop that I use quite a lot.

>I'm looking for something that, for example, could tell me all
>the machines
>on our network that are running copies of phpBB (obvious
>reasons) so that
>we could quickly identify potential problem areas.

This I would use a fine tuned version of snort or
a http proxy logging all the requests with logwatch watching for the
"intresting stuff"

-aditya

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Next message: Madison, Marc: "RE: [Full-Disclosure] Possible DNS compromise/poisoning?"

Previous message: Dave Bryan: "Re: [Full-Disclosure] Re: Bluetooth: BlueSnarf and BlueBug Full Disclusore"
In reply to: Paul Schmehl: "[Full-Disclosure] Pattern matching search tool"
Next in thread: Paul Schmehl: "RE: [Full-Disclosure] Pattern matching search tool"
Reply: Paul Schmehl: "RE: [Full-Disclosure] Pattern matching search tool"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

AW: [Full-Disclosure] What to do with bot networks
... Im Auftrag von Paul Schmehl ... > This is a huge network that is likely used for DDOSing. ... Full-Disclosure - We believe in it. ... Charter: http://lists.netsys.com/full-disclosure-charter.html ...
(Full-Disclosure)
SP2 program loss
... rebooted and lost funtionality of the SEARCH tool under the ... as well as the network status icon in the taskbar. ...
(microsoft.public.windowsupdate)
SP2 - missing MS functions
... rebooted and lost funtionality of the SEARCH tool under the ... as well as the network status icon in the taskbar. ...
(microsoft.public.windowsupdate)
[Full-Disclosure] Pattern matching search tool
... Is anyone aware of a search tool (not Google or search engine aggregation ... software) that could be used to search our network for "interesting stuff"? ...
(Full-Disclosure)
Re: I cant install netperf
... Em 09/06/2005, às 19:54, Paul Schmehl escreveu: ... >> Now i get the network ok and ports working, ... To unsubscribe, ...
(freebsd-questions)