Projects / incident.pl

incident.pl

incident.pl is a small script that, when given syslogs generated by snort or other tools, can generate an incident report for events that appear to be attempted security attacks, gather information on the remote host, and report the attack to the appropriate administrators.

Tags
Licenses
Operating Systems
Implementation

Recent releases

  •  08 Dec 2004 03:53

    Release Notes: A bug has been fixed that caused ARIN to RIPE whois redirects to fail.

    •  04 Sep 2003 15:43

      Release Notes: The ARIN whois server has recently changed whois server redirect information for RIPE, causing the RIPE whois server to not be checked. This has been fixed in this release.

      •  02 Jun 2003 00:25

        Release Notes: A parsing bug has been fixed when processing ARIN entries with parentheses in them. The handling of WHOIS errors has been improved for servers such as whois.educause.net which handles many .edu sites. Redirects from whois.publicinterestregistry.net are now supported properly.

        •  22 May 2003 01:49

          Release Notes: Whois output from whois.arin.net has changed, causing the script to not follow netblocks. The script has been updated to parse this output correctly.

          •  21 Mar 2003 22:19

            Release Notes: This release fixes a bug which caused batch mode to incorrectly stop processing after no contacts were found for one entry.

            Screenshot

            Project Spotlight

            OpenStack4j

            A Fluent OpenStack client API for Java.

            Screenshot

            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.