North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Disabling QAZ (was Re: Port 139 scans)

  • From: Bennett Todd
  • Date: Sat Sep 30 09:52:55 2000

2000-09-29-18:51:16 Ben Browning:
> On a side note, if anyone knows a good logfile parsing perl script
> that pulls out all the IP addresses in a log, I'd love a copy.

How about

	perl -lne 'print $1 for /(\d+\.\d+\.\d+\.\d+)/g'

Take the output of that and feed it through dnsfilter (from djbdns,
<URL:>) and you can get the reverse lookups easy.
Fast, too, especially if you're running dnscache for your recursive


Attachment: pgp00017.pgp
Description: PGP signature