|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: Tools for LARTing large nets of compromised boxen? (on/off listsummary)
I received quite a few good responses, I've ended up using incident.pl and wormeter.pl from the list below (found at the same place). Thanks again everyone. IASON was pointed out but seems incomplete http://iason.site.voila.fr/ and http://sourceforge.net/projects/iason/ Another member pointed out that Cymru WHOIS server has a bulk mode input to turn IP lists into source ASNs. http://www.cymru.com/ and whois://whois.cymru.com/ incident.pl from http://www.viraj.org/ along with wormeter.pl from same is what I ended up using. I had to write a pattern to match, and remove other patterns to prevent accidental matches but this ended up doing what I wanted. I got some other responses, some duplicates too. I've anonymized responses since I'm not sure if the off-list responders wish to be identified.
|