[39685] in North American Network Operators' Group
Code Red http log request
daemon@ATHENA.MIT.EDU (Jon O .)
Fri Jul 20 01:05:46 2001
Date: Thu, 19 Jul 2001 22:05:10 -0700
From: "Jon O ." <jono@microshaft.org>
To: nanog@merit.edu
Message-ID: <20010719220510.H61574@networkcommand.com>
Reply-To: "jono@networkcommand.com" <jono@microshaft.org>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
protocol="application/pgp-signature"; boundary="nFBW6CQlri5Qm8JQ"
Content-Disposition: inline
Errors-To: owner-nanog-outgoing@merit.edu
--nFBW6CQlri5Qm8JQ
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Hey:
I'm doing a post infection analysis of the Code Red worm.=20
If you could send me any http logs showing hits on=20
default.ida that would help get a larger sampling.
cat /var/log/apache_access_log | grep default.ida
This command outputs a great format.=20
Thanks,
Jon
--nFBW6CQlri5Qm8JQ
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org
iD4DBQE7V7wF6nXMS6O+1XQRAkT0AJdh4Jd09nqPCZyyWkg/wE9+NYT7AJ94DY6b
7UNRoR9EGrbSsrYeoIBFjg==
=Qq3k
-----END PGP SIGNATURE-----
--nFBW6CQlri5Qm8JQ--
