Coincidentally, I decided to check my logfiles for default.ida requests
this afternoon, to see if the infection rate is tailing off.
But I quickly ran into a road block, because I couldn't get any time
reports for 404 codes (we never installed Index server, so there are no
default.ida files on the servers).
Short of grepping out all the default.ida requests and changing the 404
codes to 200, can anyone suggest a quick and dirty way to analyse just
CodeRed traffic? I might extract those requests anyway, so that I can do a
DNS analysis without wading through millions of other addresses, but if
anyone has any suggestions, let me know.
Aengus
+------------------------------------------------------------------------
| This is the analog-help mailing list. To unsubscribe from this
| mailing list, go to
| http://lists.isite.net/listgate/analog-help/unsubscribe.html
|
| List archives are available at
| http://www.mail-archive.com/[email protected]/
| http://lists.isite.net/listgate/analog-help/archives/
| http://www.tallylist.com/archives/index.cfm/mlist.7
+------------------------------------------------------------------------
