[Snort-users] re. scan reporter script
andrew at ...523...
Mon May 7 20:42:08 EDT 2001
If anyone actually tried my reporter script
I've made a few small changes (& bugs no doubt).
One relates to the algorithm for choosing a domain to build
an abuse address for - instead of trying to work it out from the TLD
I now start at the TLD+1 and try to find an MX record. This after failing
on xxx.or.kr and xxx.yy.zz.us. Hopefully there are no MX records for
ac.uk, co.jp etc.
I also managed to send mail to IANA (oops) from not filtering LINKLOCAL
Andrew Daviel, TRIUMF, Canada
Tel. +1 (604) 222-7376
security at ...524...
More information about the Snort-users