, March 05, 2004 8:37 AM
Subject: Re: One hint - how to detect invected machines _post morten_... Re:
dealing with w32/bagle
On 05.03.2004 17:26 McBurnett, Jim wrote:
Take a look at Kiwi-cattools. It has some great Cisco Automation
ability..
Well, Cisco, Entersys, Redhat etc
Just for information - may be useful for someone.
Task - we determined, that few infected machines was connected to one of our
offices few days ago.
They run one of this viruses, which generated a lot of scans and created
sugnificant traffic (but traffic was not
big enough to rais alarm on
Message-
-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of
-Alexei Roudnev
-Sent: Friday, March 05, 2004 11:20 AM
-To: Sam Stickland; [EMAIL PROTECTED]
-Subject: One hint - how to detect invected machines _post
-morten_... Re:
-dealing with w32/bagle
-
-
-
-Just for information - may
On 05.03.2004 17:26 McBurnett, Jim wrote:
Take a look at Kiwi-cattools. It has some great Cisco Automation ability..
Well, Cisco, Entersys, Redhat etc.
www.kiwisyslog.com
You can run commands on hundreds of devices on a schedule..
I use to pull config backups and certain reports I want directly
PROTECTED]
Sent: Friday, March 05, 2004 8:26 AM
Subject: RE: One hint - how to detect invected machines _post morten_... Re:
dealing with w32/bagle
Take a look at Kiwi-cattools. It has some great Cisco Automation ability..
Well, Cisco, Entersys, Redhat etc.
www.kiwisyslog.com
You can run commands
Also take a look at Neo at http://www.ktools.org/ which is scriptable
and does all the SNMP work behind the scenes for you. A beta of the
new 2.0 version (in Python) will be out within a week.
kretch
Solution:
- get all port statistics from switch (using SNMPGET and using simple