Security Incidents mailing list archives

Code Red capture tool


From: Stephen Friedl <friedl () mtndew com>
Date: Wed, 1 Aug 2001 20:11:04 -0700

This is probably a little late, but those that want to watch the worm
while it wanders might care to use a little tool I've written.  Running on
a Linux machine with an alias for every otherwise-unused IP address on
a (small) block, it listens on port 80 and logs the source/destination
and a bit of the URL fetched. Written in Perl, it can be found with a
small writeup at http://www.unixwiz.net/tools/websnarf.html

On my /27 it's recording about 30 per hour.

Steve

Mod: dump this if too late to be interesting.

--- 
Stephen J Friedl | Software Consultant | Tustin, CA |   +1 714 544-6561
www.unixwiz.net  | I speak for me only |   KA8CMY   | steve () unixwiz net

----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com
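
Added example (not part of the original post, and not the websnarf code): a Python listener of the kind the message describes, recording source, destination and a truncated request line for each connection. The port 8080 default, the 40-character cap, the 5-second timeout and all function names are assumptions.

```python
import socket
import time

MAX_URL = 40      # assumed cap on how much of the request line is logged
READ_TIMEOUT = 5  # assumed seconds to wait for a client that sends nothing


def request_summary(raw: bytes, max_url: int = MAX_URL) -> str:
    """Return a printable, truncated copy of the first request line."""
    line = raw.split(b"\n", 1)[0].rstrip(b"\r")
    text = "".join(chr(b) if 32 <= b < 127 else "." for b in line)
    return text if len(text) <= max_url else text[:max_url] + "..."


def format_record(ts: float, src, dst, raw: bytes) -> str:
    """One log line: UTC time, source ip:port, destination ip:port, request."""
    stamp = time.strftime("%Y-%m-%d %H:%M:%S", time.gmtime(ts))
    return "%s %s:%d -> %s:%d [%s]" % (stamp, src[0], src[1], dst[0], dst[1],
                                       request_summary(raw) or "empty")


def capture_one(listener: socket.socket) -> str:
    """Accept one connection, read its first bytes, answer nothing, log it."""
    conn, src = listener.accept()
    with conn:
        conn.settimeout(READ_TIMEOUT)
        dst = conn.getsockname()   # which local alias the client actually hit
        try:
            raw = conn.recv(4096)
        except OSError:            # timeout or reset: still worth a record
            raw = b""
    return format_record(time.time(), src, dst, raw)


def listen(addr: str = "0.0.0.0", port: int = 8080) -> socket.socket:
    """Wildcard bind covers every alias on the host; port 80 needs root."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.bind((addr, port))
    s.listen(64)
    return s


if __name__ == "__main__":
    sock = listen()
    while True:
        print(capture_one(sock), flush=True)
```

Because the destination comes from getsockname() on the accepted socket, a single wildcard listener still shows which of the aliased addresses each client connected to.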

