From 32dee98d2d18396be831d0c54e6bec9fa37c70a1 Mon Sep 17 00:00:00 2001 From: Michel Blockelet Date: Thu, 4 Jun 2009 16:21:28 +0200 Subject: [PATCH] [conficker.sh] Squid 3 darcs-hash:20090604142128-ddb99-66a8d649926a5def2a8dfa7ffcb24a7b097c8ad4.gz --- surveillance/conficker.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/surveillance/conficker.sh b/surveillance/conficker.sh index 0a3e7160..ec95f473 100644 --- a/surveillance/conficker.sh +++ b/surveillance/conficker.sh @@ -108,7 +108,7 @@ chmod go-rwx $FILES # On regarde les lignes de la forme "...GET http://[une ip]/search?..." # (requêtes typiques de Conficker) echo -n " * Recherche des lignes de logs correspondantes ... [> base] Lignes : " -sudo egrep "GET http://([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}/search\?" /var/log/squid/access.log | tee base | wc -l +sudo egrep "GET http://([[:digit:]]{1,3}\.){3}[[:digit:]]{1,3}/search\?" /var/log/squid3/access.log | tee base | wc -l # On récupère les IPs dans les lignes echo -n " * Récupération des IP sources et destinations ... [> ip_reqip] Lignes : "