CodeBlue
Platforms:
UNIX,
Windows 2000,
Windows 95/98,
Windows NT
Categories:
Auditing,
Detection,
File Integrity,
Hostile Code,
Log Analysis,
Network,
Trojans & Backdoors
Version: v5.1
URL:
CodeBlue is an attempt to increase the awareness of hosts that are infected with malicious worms by scanning Apache log files and emailing the infected hosts with details of their infection and how to obtain help removing the worm. Currently, CodeBlue scans Apache logs for Code Red, Code Red 2, and Nimda.
