Establishing A Nimda Virus Log File Pool?
Elsifer asks: "Can we get a listing of people's log files so that NIPC and CERT authorities can disseminate these to try and track down the origins? ... I have modified my home website (on @home, where it seems that most of the infectious attacks are originating) to display my log files up to 1045MST." This sounds like a good way to consolidate information -- does anyone know of an existing site to do just this, or want to establish one?
It could be as simple as adding ...
RedirectMatch (.*)/cmd\.exe$ http://www.sitecollectingdata.com/collector/index.php
RedirectMatch (.*)/root\.exe$ http://www.sitecollectingdata.com/collector/index.php
RedirectMatch (.*)/default\.ida$ http://www.sitecollectingdata.com/collector/index.php
.. and having the collector throw the data in an SQL database...
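A sketch of the log-pooling side of this idea, as an added example that is not part of the original post: it parses Apache Common Log Format lines, keeps requests for the three probe paths named above, stores them in an SQL table and counts hits per source. The log lines, table layout and function names are constructed for illustration, and SQLite stands in for whatever database a real collector would use.

```python
import re
import sqlite3

# Paths the RedirectMatch rules target: cmd.exe, root.exe, default.ida.
PROBE = re.compile(r"/(cmd\.exe|root\.exe|default\.ida)$", re.IGNORECASE)
# Common Log Format: host ident user [time] "METHOD target PROTO" status bytes
CLF = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) \S+')

# Constructed sample lines using documentation addresses, not real log data.
SAMPLE_LOG = """\
192.0.2.10 - - [18/Sep/2001:10:41:02 -0600] "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 276
192.0.2.10 - - [18/Sep/2001:10:41:03 -0600] "GET /MSADC/root.exe?/c+dir HTTP/1.0" 404 274
198.51.100.7 - - [18/Sep/2001:10:42:15 -0600] "GET /c/winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 300
203.0.113.5 - - [18/Sep/2001:10:43:00 -0600] "GET /index.html HTTP/1.0" 200 1043
198.51.100.7 - - [18/Sep/2001:10:44:09 -0600] "GET /default.ida?XXXX HTTP/1.0" 404 280
this line is truncated and must be skipped
"""

def parse_probes(log_text):
    """Yield (source, timestamp, path, probe) for each probe request."""
    for line in log_text.splitlines():
        m = CLF.match(line)
        if not m:
            continue  # malformed or truncated line
        host, when, _method, target, _status = m.groups()
        path = target.split("?", 1)[0]  # match on the URL path only
        hit = PROBE.search(path)
        if hit:
            yield host, when, path, hit.group(1).lower()

def collect(log_text, db):
    """Store probe requests with bound parameters; log content is untrusted."""
    db.execute("CREATE TABLE IF NOT EXISTS probes "
               "(source TEXT, seen TEXT, path TEXT, probe TEXT)")
    db.executemany("INSERT INTO probes VALUES (?, ?, ?, ?)",
                   parse_probes(log_text))
    db.commit()

def top_sources(db):
    """Return (source, hit count, distinct probe kinds), busiest first."""
    return db.execute(
        "SELECT source, COUNT(*) AS n, COUNT(DISTINCT probe) FROM probes "
        "GROUP BY source ORDER BY n DESC, source").fetchall()

if __name__ == "__main__":
    conn = sqlite3.connect(":memory:")
    collect(SAMPLE_LOG, conn)
    for row in top_sources(conn):
        print(row)
```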