North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: Tools for LARTing large nets of compromised boxen? (on/off listsummary)
I received quite a few good responses, I've ended up using incident.pl and wormeter.pl from the list below (found at the same place).
Thanks again everyone.
IASON was pointed out but seems incomplete http://iason.site.voila.fr/ and http://sourceforge.net/projects/iason/
Another member pointed out that Cymru WHOIS server has a bulk mode input to turn IP lists into source ASNs. http://www.cymru.com/ and whois://whois.cymru.com/
incident.pl from http://www.viraj.org/ along with wormeter.pl from same is what I ended up using. I had to write a pattern to match, and remove other patterns to prevent accidental matches but this ended up doing what I wanted.
I got some other responses, some duplicates too. I've anonymized responses since I'm not sure if the off-list responders wish to be identified.