Way cool... with a bit of work, one could query ARIN, RIPE, and APNIC until
an answer was received (that's what I'm modifying it to do) else die.  With
the timeout set to "forever", what would we care if it takes a few extra
seconds to go spy-out a potential (would-be-if-we-were-running-IIS)intruder.

The author made a really nifty framework and left it pretty easy to modify.
I already swiped a copy (thanks, Mark!!) and am having a ball adding my own
"bends" to it.

Tim, the part that does the WHOIS query is only querying RIPE.  I'm
modifying mine to loop through a known set of authorities (right now, the
three I mentioned above) and to set a flag ($IGotIt or something I can test
afterward with "if ( $IGotIt ) { yaddayadda }"), and to quit looking when it
gets a reasonable answer.

If I get it working before anyone else (doubtful, I'm still a bit slow with
PHP and I'm also at work), I'd be more than happy to share.


-----Original Message-----
From: Tim [mailto:[EMAIL PROTECTED]]
Sent: Monday, August 13, 2001 1:16 PM
To: Mark Roedel
Cc: Mark Lo; php general
Subject: RE: [PHP] new one is it ??

That's pretty cool.   Alas, the 'whois' part of the code doesn't work
properly (at least on my system).

- Tim

On 13 Aug 2001 10:21:45 -0500, Mark Roedel wrote:
> I rather liked this approach that I saw posted in another list:
>       http://www.klippan.seths.se/default.phps
> (Does some hostname/whois lookups on the infected server and attempts to
> email some people who might be able to do something about it.)

PHP General Mailing List (http://www.php.net/)
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
To contact the list administrators, e-mail: [EMAIL PROTECTED]

Reply via email to