Full Disclosure mailing list archives

RE: Pattern matching search tool

From: "ALD, Aditya, Aditya Lalit Deshmukh" <aditya.deshmukh () online gateway expertworks net>
Date: Thu, 6 Jan 2005 08:07:13 +0530

-----Original Message-----
From: full-disclosure-bounces () lists netsys com 
[mailto:full-disclosure-bounces () lists netsys com] On Behalf Of 
Paul Schmehl
Sent: Thursday, January 06, 2005 02:58 AM
To: full-disclosure () lists netsys com
Subject: [Full-disclosure] Pattern matching search tool

Is anyone aware of a search tool (not Google or search engine 
aggregation 
software) that could be used to search our network for 
"interesting stuff"? 
It needs to be capable of doing pattern matching similar to 
perl's regular 
expression stuff.



Dear paul I think you answered your own question over here - its perl!
However there is another tool ntop that I use quite a lot.

I'm looking for something that, for example, could tell me all 
the machines 
on our network that are running copies of phpBB (obvious 
reasons) so that 
we could quickly identify potential problem areas.



This I would use a fine tuned version of snort or 
a http proxy logging all the requests with logwatch watching for the
"intresting stuff"


-aditya

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Pattern matching search tool Paul Schmehl (Jan 06)
- Re: Pattern matching search tool Alain Fauconnet (Jan 05)
- Re: Pattern matching search tool Florian Weimer (Jan 06)
- RE: Pattern matching search tool ALD, Aditya, Aditya Lalit Deshmukh (Jan 06)
  - RE: Pattern matching search tool Paul Schmehl (Jan 06)