You could automate it thru CF to loop thru your log file:
<CFQUERY NAME="rs"
DBTYPE="dynamic"
CONNECTSTRING="Driver={Microsoft Text Driver (*.txt;
*.csv)};Dbq=c:\;Extensions=asc,csv,tab,txt;Persist Security Info=False;"
>
SELECT clienthost from internetlog.csv
</CFQUERY>
<cfset crlf=chr(10) & chr(13)>
<cfloop query="rs">
<cffile action = "write"
file = "c:\codered.bat"
output = "net send #rs.clienthost# Hello:
Your machine is infected with Code Red virus and is
attempting to infect my machine. Please patch ASAP.">
<cftry>
<cfexecute name="c:\codered.bat"
timeout = "10">
</cfexecute>
<cffile action="append"
file = "c:\coderedLOG.txt"
output = "Notification of #rs.clienthost# successful#crlf#">
<cfcatch>
<cffile action="append"
file = "c:\coderedLOG.txt"
output = "Notification of #rs.clienthost# not successful#crlf#">
</cfcatch>
</cftry>
</cfloop>
tom
"Richard Kuryk" <[EMAIL PROTECTED]> wrote in message
3A8BAD034B37D3118C6F009027791324043F60D7@NTSVR1">news:3A8BAD034B37D3118C6F009027791324043F60D7@NTSVR1...
> Yes, but if they don't know they have code red and there machine is
> unpatched, I would imagine the admin is some home user that got a cd from
of
> nt server and doesn't have a clue how to properly configure and secure
there
> box. So for the people that are still infected they have every service
> known to man running and probably won't even know what to do to correct
the
> situation, once notified! Now because of these morons we can't run a
small
> personal web site, since all high speed connections will start to shut
down
> incoming port 80. So far mine is still up, but not sure for how much
longer
> since my logs have tons of cable users requesting default.ida!
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Structure your ColdFusion code with Fusebox. Get the official book at
http://www.fusionauthority.com/bkinfo.cfm
FAQ: http://www.thenetprofits.co.uk/coldfusion/faq
Archives: http://www.mail-archive.com/cf-talk@houseoffusion.com/
Unsubscribe: http://www.houseoffusion.com/index.cfm?sidebar=lists
