Fun with httpd logs and code red

John W. Baxter jwbaxter at
Mon Aug 20 18:31:10 CEST 2001

In article <to13ef3kf4vh17 at>, Stephen Boulet
<spboulet at> wrote:

> Just for fun, I wrote the following script to check my apache log for 
> recent code red queries:
>         import string
>         f=open('/var/log/httpd/access_log', 'r')
>         lines = f.readlines()
>         ip_list = []
>         for line in lines:
>                 if string.find(line, "GET /default.ida"):
>                         a = string.split(line)
>                         if a[0] not in ip_list:
>                                 ip_list.append(a[0])
>         print "The number of IPs in my list is %d" % len(ip_list)
>         f.close()
> Hmmm. I have a list with 873 entries. Now what do I do with it?  ;)

One thing you do is avoid getting into this situation:

wherein, if the story actually represents the facts, telling a
newspaper editor that his paper's site was wide open to "adjustments"
by anyone leads to FBI, federal prosecutor, etc interest.  [It's quite
possible that the problem was "demonstrating" rather then "telling".]


More information about the Python-list mailing list