Fun with httpd logs and code red
John W. Baxter
jwbaxter at spamcop.com
Mon Aug 20 12:31:10 EDT 2001
In article <to13ef3kf4vh17 at corp.supernews.com>, Stephen Boulet
<spboulet at speakeasy.net> wrote:
> Just for fun, I wrote the following script to check my apache log for
> recent code red queries:
>
> import string
>
> f=open('/var/log/httpd/access_log', 'r')
> lines = f.readlines()
> ip_list = []
>
> for line in lines:
> if string.find(line, "GET /default.ida"):
> a = string.split(line)
> if a[0] not in ip_list:
> ip_list.append(a[0])
>
> print "The number of IPs in my list is %d" % len(ip_list)
>
> f.close()
>
> Hmmm. I have a list with 873 entries. Now what do I do with it? ;)
One thing you do is avoid getting into this situation:
http://www.linuxfreak.org/post.php/08/17/2001/134.html
wherein, if the story actually represents the facts, telling a
newspaper editor that his paper's site was wide open to "adjustments"
by anyone leads to FBI, federal prosecutor, etc interest. [It's quite
possible that the problem was "demonstrating" rather then "telling".]
--John
More information about the Python-list
mailing list