WormScan reports attempted attacks on your Apache Web server. It was written to be able to support an unlimited number of worms. It is, however, very extendable, and can be configured to search and report on just about anything in your Web server's log files. The program currently supports the Common Log Format (the default Apache format) and has out of the box detection for Code Red, Code Red II, and Nimda worm attacks. The reports themselves can be modified to suit your needs, and are generated in HTML so you don't need additional software to read them. They can be sorted by date, host, hostname, worm, and number of attacks, and optionally compressed with gzip. Numerous configuration options let you tweak performance and output.
released on 3 June 2003
|License||Verified by||Verified on||Notes|
|GPLv2||Janet Casey||14 November 2001|
Leaders and contributors
Resources and communication
|Required to use||JRE 2|
|Required to use||Velocity library (http://jakarta.apache.org/velocity); Jakarta ORO library (http://jakarta.apache.org/oro)|
This entry (in part or in whole) was last reviewed on 10 January 2003.
Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, no Front-Cover Texts, and no Back-Cover Texts. A copy of the license is included in the page “GNU Free Documentation License”.
The copyright and license notices on this page only apply to the text on this page. Any software described in this text has its own copyright notice and license, which can usually be found in the distribution itself.