Re: Apache Log Files

2002-08-18 Thread Cristian Ionescu-Idbohrn
Matthew, On Wed, 14 Aug 2002, Matthew Sackman wrote: [snip] Does anyone know of a simple program that will return info on whois IP lookup in a set format? You might want to have a look at this: http://www.blars.org/hinfo.html It returns some interesting info in this format: , |

Re: Apache Log Files

2002-08-18 Thread Blars Blarson
In article [EMAIL PROTECTED] [EMAIL PROTECTED] writes: On Wed, 14 Aug 2002, Matthew Sackman wrote: Does anyone know of a simple program that will return info on whois IP lookup in a set format? You might want to have a look at this: http://www.blars.org/hinfo.html It returns some

Re: Apache Log Files

2002-08-18 Thread matthew
On Sun, Aug 18, 2002 at 11:52:02AM +0200, Cristian Ionescu-Idbohrn wrote: Matthew, On Wed, 14 Aug 2002, Matthew Sackman wrote: [snip] Does anyone know of a simple program that will return info on whois IP lookup in a set format? You might want to have a look at this:

Re: Apache Log Files

2002-08-18 Thread Cristian Ionescu-Idbohrn
On Sun, 18 Aug 2002, Blars Blarson wrote: In article [EMAIL PROTECTED] [EMAIL PROTECTED] writes: [snip] You might want to have a look at this: http://www.blars.org/hinfo.html [snip] It doesn't seem to be packaged for Debian, which is a pitty. Should I consider this a request?

Re: Apache Log Files

2002-08-15 Thread thing
admins in korea wont read english I suspect many wont even look, care or be able to fix the problem(s) regards Thing Matthew Sackman wrote: Hi All, In apache log files I'm seeing a lot of bogus attacks. Using various software I can easily sort out which are Nimda, which are Code Red 1

Apache Log Files

2002-08-14 Thread Matthew Sackman
Hi All, In apache log files I'm seeing a lot of bogus attacks. Using various software I can easily sort out which are Nimda, which are Code Red 1, Code Red 2 etc etc, and extract the IPs. That's all fine. What I then want to do is to do a whois on the IP, extract the name of the person who ownes

Re: Apache Log Files

2002-08-14 Thread Phillip Hofmeister
On Wed, 14 Aug 2002 at 10:31:51PM +0100, Matthew Sackman wrote: Does anyone know of a simple program that will return info on whois IP lookup in a set format? Perl and regex's work wonderful :) Side note: Korea's whois info is pretty much useless. Their whole country has like...one giant ISP

Re: Apache Log Files

2002-08-14 Thread TOK
Hi Matthew, i've tried parsing the output of allwhois.com, a few regexps matching emails should work most times. i was more interested in creating statistics (most used attack of the week...) but gave up because of the hassle of manually updating the attack signatures. whats software do you use

Re: Apache Log Files

2002-08-14 Thread Ted Cabeen
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Content-Type: text/plain; charset=us-ascii In message [EMAIL PROTECTED], TOK writes: i've tried parsing the output of allwhois.com, a few regexps matching emails should work most times. The abuse.net mail forwarder is also pretty useful for this