detecting Solaris tojans with Argus
Peter Van Epp
vanepp at sfu.ca
Thu Jan 6 14:34:34 EST 2000
>
> Hey Peter,
> Thanks for the perl script. I'll add it to the
> 1.8 release as contrib software and hopefully Mark
> can get it on the CMU server, ASAP.
You may want to wait a little while, I've had the first enhancement
request already :-). It needs a summary by network because the data from a
gag scan of a net quickly gets unwieldy in the current format. Since the net
is already broken out that shouldn't be hard to do. It hasn't bitten me yet
because I'm only seeing isolated attack scans and my one gag test scan from
off site. I'll see if I can arrange something summary like in the next few
hours and post a revision to the list.
Peter Van Epp / Operations and Technical Support
Simon Fraser University, Burnaby, B.C. Canada
More information about the argus
mailing list