HEADS UP - viruses in password protected zip files

Raymond Dijkxhoorn raymond at PROLOCATION.NET
Mon Mar 1 17:58:15 GMT 2004


Hi!

> > >>> Its in our top10 of today:
> > >>>
> > >>> 4747    W32/Netsky.B at mm
> > >>> 1275    W32/Swen.A at mm
> > >>> 404     W32/Sober.C at mm
> > >>> 337     W32/Mydoom.A at mm
> > >>> 200     W32/Netsky.C at mm
> > >>> 126     W32/Bugbear.B at mm
> > >>> 96      W32/Bagle.F at mm
> > >>> 57      W32/Bagle.E at mm
> > >>> 49      W32/Mydoom.E at mm
> > >>> 19      W32/Mimail.J at mm

> I am not peter or raymond, but...
>
> grep "Virus '.*' found" /PATH/TO/YOUR/SYSLOG |  sed "s/[^']*//" | sed
> "s/found.*//" | sort | uniq -c | sort -n -r

You might want to do this a little smarter :) We for example parse around
1.5 GB logfiles, your disk wont be happy if you grep those all over from
the start again and again :) We update every 5 minutes now and have
around 5-6 seconds parsing time on that :)

Bye,
Raymond.



More information about the MailScanner mailing list