[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] The Code-Red Worm is attacking... GOD it's attacking.
- Subject: Re: [cobalt-security] The Code-Red Worm is attacking... GOD it's attacking.
- From: Andre Bonhote <anbonhote@xxxxxxxxxxxxxxx>
- Date: Fri, 20 Jul 2001 09:00:44 +0200
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi Carrie
On Thu, Jul 19, 2001 at 09:00:51PM -0400, Carrie Bartkowiak wrote:
> Shimi's command above allows grep to include anything with
> "Guidant IE5" in it.
Right.
> So I changed Shimi's grep to:
> cat /var/log/httpd/access | grep .ida? | wc -l
Sorry to be teacherish, but why the two pipes? I mean
grep '\.ida' /var/log/httpd/access | wc -l
does the job. Just quote the period and it's not a regexp anymore.
> And it cut down the number to the true attempts - 247.
> Still... sheesh.
Where's the problem? I mean, 247 hits, in a not mentioned timespan -
nothing new, right? We don't run Winslows boxes, so we don't have to
care. Tell me when I am completely wrong there.
CU
André
--
André Bonhôte
IP Engineer
Email: anbonhote@xxxxxxx
Colt Telecom AG - Switzerland
Muertschenstrasse 27
CH - 8048 Zurich
Phone: (++41) +1 5 600 600
Fax: (++41) +1 5 600 610
Web: http://www.colt.ch