Re: Perl answer to the Microsoft IIS 'Code Red' infected admins

in reply to Perl answer to the Microsoft IIS 'Code Red' infected admins

I found a script that does just that. It queries the ARIN WHOIS server for the IP, strips the domain of the admin email address and then emails postmaster@domain.com. It doesn't work with non-ARIN IPs, but could be modified to pull out the whole email address. I'm playing around with it but if anyone can make it work better, post it, would ya?

http://www.treachery.net/~jdyson/earlybird/

HughJASS

Comment on Re: Perl answer to the Microsoft IIS 'Code Red' infected admins

Replies are listed 'Best First'.
Re: Re: Perl answer to the Microsoft IIS 'Code Red' infected admins by Anonymous Monk on Aug 26, 2001 at 11:26 UTC
The script to which you refer (Early Bird) handles APNIC and RIPE queries as well as ARIN. The version that was limited to ARIN was the 1.x series. The code is now at v2.1 with v2.2 due for rollout on 08/26/2001. Hope that helps. Best wishes. -JDD	[reply]

In Section Cool Uses for Perl