RE: [Full-Disclosure] Pattern matching search tool
- To: "'Paul Schmehl'" <pauls@xxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: RE: [Full-Disclosure] Pattern matching search tool
- From: "ALD, Aditya, Aditya Lalit Deshmukh" <aditya.deshmukh@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Thu, 6 Jan 2005 08:07:13 +0530
>-----Original Message-----
>From: full-disclosure-bounces@xxxxxxxxxxxxxxxx
>[mailto:full-disclosure-bounces@xxxxxxxxxxxxxxxx] On Behalf Of
>Paul Schmehl
>Sent: Thursday, January 06, 2005 02:58 AM
>To: full-disclosure@xxxxxxxxxxxxxxxx
>Subject: [Full-Disclosure] Pattern matching search tool
>
>Is anyone aware of a search tool (not Google or search engine aggregation
>software) that could be used to search our network for "interesting stuff"?
>It needs to be capable of doing pattern matching similar to perl's regular
>expression stuff.
>
Dear Paul, I think you answered your own question over here - it's perl!
However, there is another tool, ntop, that I use quite a lot.
>I'm looking for something that, for example, could tell me all the machines
>on our network that are running copies of phpBB (obvious reasons) so that
>we could quickly identify potential problem areas.
For this I would use a fine-tuned version of snort or
an HTTP proxy logging all the requests, with logwatch watching for the
"interesting stuff".
-aditya
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
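
The proxy-log approach suggested in the reply, sketched as an added example that is not part of the original message: it regex-matches proxy access-log lines to inventory which of your own hosts served phpBB pages. It assumes Squid's native access.log layout, internal hostnames ending in `.example.internal`, and heuristic URL signatures; the log lines are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Heuristic phpBB URL signatures (assumed for this example): a directory named
# like "phpBB2", or the forum's well-known script names at the end of the path.
PHPBB_RE = re.compile(r"/phpbb\d*/|/(?:viewtopic|viewforum)\.php$", re.IGNORECASE)

# Squid native access.log: time elapsed client action/code bytes method URL ...
LINE_RE = re.compile(
    r"^\d+\.\d+\s+\d+\s+(?P<client>\S+)\s+\S+/(?P<status>\d{3})\s+\d+\s+"
    r"(?P<method>[A-Z]+)\s+(?P<url>\S+)"
)

# Constructed sample lines (not real traffic).
SAMPLE_LOG = """\
1104978433.123     45 10.0.0.12 TCP_MISS/200 5120 GET http://forum.example.internal/phpBB2/viewtopic.php?t=12 - DIRECT/10.0.5.20 text/html
1104978440.501     12 10.0.0.31 TCP_MISS/404 310 GET http://intranet.example.internal/phpBB2/viewtopic.php?t=1 - DIRECT/10.0.5.21 text/html
1104978451.002     30 10.0.0.12 TCP_MISS/200 2048 GET http://lab7.example.internal/board/viewforum.php?f=3 - DIRECT/10.0.5.44 text/html
1104978460.777     20 10.0.0.40 TCP_MISS/200 900 GET http://www.example.org/phpBB2/index.php - DIRECT/192.0.2.10 text/html
1104978470.010     15 10.0.0.12 TCP_MISS/200 700 GET http://wiki.example.internal/docs/phpbb-migration.html - DIRECT/10.0.5.30 text/html
""".splitlines()


def find_phpbb_hosts(lines, internal_suffix=".example.internal"):
    """Return {internal_host: sorted matching paths} for hosts that served phpBB URLs."""
    hits = defaultdict(set)
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m.group("method") == "CONNECT":
            continue  # unparseable line, or a TLS tunnel with no visible path
        if m.group("status")[0] not in "23":
            continue  # a 404 means someone asked, not that the host runs phpBB
        url = urlsplit(m.group("url"))
        host = (url.hostname or "").lower()
        if host.endswith(internal_suffix) and PHPBB_RE.search(url.path):
            hits[host].add(url.path)
    return {host: sorted(paths) for host, paths in hits.items()}


if __name__ == "__main__":
    for host, paths in sorted(find_phpbb_hosts(SAMPLE_LOG).items()):
        print(host, ", ".join(paths))
```

A proxy log only shows hosts that somebody actually browsed through the proxy, so treat the result as a lower bound on the installations present.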