Short: CodeBlue scans Apache access logs for Worm Virus infected requests Author: mystic@tenebrous.com Type: dev/gg Architecture: m68k-amigaos Uploaded: louise@louise.amiga.hu (LouiSe) Ported by LouiSe more info and other AMIGA ports at: http://louise.amiga.hu ----------------------------------------- CodeBlue is a simple program that aims to increase the awareness of hosts infected with notorious worms by emailing the victimized hosts with warnings of their infection. Copyright(c) 2001 Michael (mystic@tenebrous.com) Licensed under the GNU/GPL HOW IT WORKS: ------------- CodeBlue scans an Apache access log file specified at the command line, and sends an email to worm-infected hosts, warning them that they may be infected, and what URLs to visit for further information. All transactions are logged to a logfile. Optionally, CodeBlue can query the Nimda Registry database at worm.jungnickel.com and submit each infected host. ------------------------------------------------------------------------------------------- HOW TO COMPILE: --------------- From the codeblue source directory, simply type: make You may also type `make install` if you wish the binary to be installed to /usr/local/sbin/, otherwise simply run codeblue from the source directory. ------------------------------------------------------------------------------------------- HOW TO USE: ----------- The syntax is: ./codeblue [options] Options can be any of the following: -e - This specifies the return-to address for each email. The default is postmaster@yourhost -q - When specified, CodeBlue will query the Nimda Registry at worm.jungnickel.com and add each infected host to their database. --help - Prints out the help menu and exits ------------------------------------------------------------------------------------------- S P E C I A L T H A N K S: --------------------------- Thank you to all who have given their feedback on CodeBlue. You know who you are. A special "THANKS" goes to Jan Jungnickel (www.jungnickel.com) for their support.