I just do it myself using Blightly Design's "Sam Spade" program (for windows
boxes)... I have logwatch & logcheck & tripwire e-mail me at a different
address... I use sam spade to figure out who to mail to, & then just write
them myself, customizing the letter to each SysOp...
I'd be wary of an automated system, as someone could spoof an address &
effectilvely use your machine to do a DoS attack on some other network.
> -----Original Message-----
> From: Bret Hughes [SMTP:[EMAIL PROTECTED]]
> Sent: Thursday, February 15, 2001 10:59 AM
> To: [EMAIL PROTECTED]
> Subject: Re: port scan reported by portsentry
>
> "Burke, Thomas G." wrote:
> >
> > If only we had a "Pit Bull" program that could bite them when the
> trespassed
> > in our yard, eh? :)
> >
>
> I have been envisioing a program that would parse the logs for denied or
> rejected portscans do the DNS look up and build an email that I could
> send to sysops@whatever the lokup revealed. Anyone done this yet?
>
> I hesitate to automate the actual sending of the email since that could
> be used as a type of DOS against me and the domain in question.
>
> Additionally the program as I envision it would need to:
>
> keep track of sent or queued mails for a machine and not send another
> for a configurable time.
>
> Place the email in a hacker-drafts folder that could then be perused for
> your sending pleasure.
>
> more I am sure this task just go swapped out.
>
> Ideas any one?
>
> Bret
>
>
>
> _______________________________________________
> Redhat-list mailing list
> [EMAIL PROTECTED]
> https://listman.redhat.com/mailman/listinfo/redhat-list
_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
