lug-bg: dealing with nov opasen virus Nimda
- Subject: lug-bg: dealing with nov opasen virus Nimda
- From: sheib@xxxxxxx (sheib@xxxxxxx)
- Date: 20 Sep 2001 06:02:08 EET DST
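#!/bin/sh
# Scan the Apache access logs for requests containing "system32/cmd.exe"
# (the request pattern this script treats as a Nimda probe) and add an
# iptables DROP rule for each client address not yet in the blocked list.
#
# Must run as root (iptables). Meant to be run repeatedly, e.g. from cron;
# the blocked list keeps repeated runs from adding duplicate rules.
#
# Operational caveats:
#  - Blocking is driven purely by log contents: a shared proxy or NAT
#    address is blocked as a whole, and entries never expire. Review the
#    list periodically.
#  - The rule set grows by one rule per host; the rules are not persisted
#    by this script, while the blocked list is. After a firewall reload the
#    list still says "blocked", so hosts are not re-added unless the list is
#    cleared or replayed.
LOGS=/var/log/httpd
# NOTE(review): /var/tmp is world-writable, so any local user can pre-create
# or pre-populate this file. Path kept for compatibility with existing
# lists; a file in a root-owned directory would be safer.
BLOCKED=/var/tmp/blocked
PATH="/usr/local/sbin:/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/bin"

# Without this check a failed cd would make the glob below scan whatever
# directory the script happened to start in.
cd "$LOGS" || exit 1

# Refuse to append through a symlink planted in the world-writable directory
# (best effort: the check and the later append are not atomic).
if [ -L "$BLOCKED" ]; then
  echo "refusing to use $BLOCKED: it is a symbolic link" >&2
  exit 1
fi

# grep -h drops the "file:" prefix, so the address is always field 1. The
# original stripped the prefix with sub(), which ate part of the log line
# when only one file matched the glob and grep printed no prefix.
# awk keeps only well-formed dotted quads (four octets, each <= 255), so
# nothing else from the log can reach the iptables command line.
grep -h '^[0-9]*\.[0-9]*\.[0-9]*\.[0-9]* ' ./* 2>/dev/null |
awk '/system32\/cmd\.exe/ && $1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {
  n = split($1, o, ".")
  if (n == 4 && o[1]+0 <= 255 && o[2]+0 <= 255 && o[3]+0 <= 255 && o[4]+0 <= 255)
    print $1
}' |
sort -u |
while read -r host
do
  # -x matches whole lines only: a plain substring match would treat
  # 1.2.3.4 as already blocked once 11.2.3.40 is in the list.
  if ! grep -Fqx -- "$host" "$BLOCKED" 2>/dev/null
  then
    # Record the host only after the rule was actually installed, so a
    # failed iptables call is retried on the next run.
    # -A appends: an earlier ACCEPT rule in INPUT that matches the traffic
    # still wins. The ipchains variant below used -I (insert) instead.
    if iptables -A INPUT -s "$host" -j DROP
    then
      printf '%s\n' "$host" >>"$BLOCKED"
    else
      echo "iptables failed for $host" >&2
    fi
    # ipchains -I input -s $host -j DENY -l
  fi
done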
===========================================================================
A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers)
http://www.linux-bulgaria.org/ Hosted by Internet Group Ltd. - Stara Zagora