I am not good enough with scripts to do this but
could someone write a script that can analyse an apache log, and generate a list
of all ip addresses that have tried to access default.ida (the way code red
infects) - I want to have a list so I can then go to the servers and contact the
webmasters and tell them that there system is infected as the UK Tech webserver
seems to be getting hit once every minute or so!
Anyone got any ideas how to do this?
Alex Brett