Full Disclosure mailing list archives
Re: Tracking a virus by logging infected machines
From: "morning_wood" <se_cur_ity () hotmail com>
Date: Tue, 2 Sep 2003 00:04:04 -0700
I don't think that it would be very helpful. Many of the unsecured machines where the virus will be successful are private PCs with a dialup internet access and are changing their IPs in short intervals. IMHO your IP list would be worthless within some hours or even some minutes.
try a non trojan ( no backdoor ) cgi notifer available at http://illmob.org/files/cginotify3.zip this reports both wan / lan at startup posting to an online notification via a cgi ( perl ) script. includes password protection for the list. morning_wood _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Virus, whether the scanners say so or not? Scott Phelps / Dreamwright Studios (Sep 01)
- Re: Virus, whether the scanners say so or not? Bennett Todd (Sep 01)
- Re: Virus, whether the scanners say so or not? Paul Schmehl (Sep 01)
- Re: Virus, whether the scanners say so or not? misiu_ (Sep 01)
- Re: Virus, whether the scanners say so or not? gregh (Sep 01)
- Random SoBig.F Thoughts Jason Coombs (Sep 01)
- Tracking a virus by logging infected machines Richard M. Smith (Sep 01)
- Re: Tracking a virus by logging infected machines Ralf (Sep 01)
- Re: Tracking a virus by logging infected machines Marcus Graf (Sep 02)
- Re: Tracking a virus by logging infected machines morning_wood (Sep 02)
- Re: Tracking a virus by logging infected machines Joel R. Helgeson (Sep 02)
- RE: Tracking a virus by logging infected machines Richard M. Smith (Sep 02)
- Tracking a virus by logging infected machines Richard M. Smith (Sep 01)
- <Possible follow-ups>
- Re: Virus, whether the scanners say so or not? roman . kunz (Sep 01)
- Fw: Virus, whether the scanners say so or not? morning_wood (Sep 01)