WormScan reports attempted attacks on your Apache Web server. It was written to be able to support an unlimited number of worms. It is, however, very extendable, and can be configured to search and report on just about anything in your Web server's log files. The program currently supports the Common Log Format (the default Apache format) and has out of the box detection for Code Red, Code Red II, and Nimda worm attacks. The reports themselves can be modified to suit your needs, and are generated in HTML so you don't need additional software to read them. They can be sorted by date, host, hostname, worm, and number of attacks, and optionally compressed with gzip. Numerous configuration options let you tweak performance and output.
released on 3 June 2003
|License||Verified by||Verified on||Notes|
|GPLv2||Janet Casey||14 November 2001|
Leaders and contributors
Resources and communication
|Required to use||JRE 2|
|Required to use||Velocity library (http://jakarta.apache.org/velocity); Jakarta ORO library (http://jakarta.apache.org/oro)|
This entry (in part or in whole) was last reviewed on 10 January 2003.