
[ossec-list] Re: OSSEC support for ...



Another great 'log' for ossec to scan and do the active iptables (deny/drop) 
block on would be spamcop's most active spammers list on an ad-hoc basis.
(see attached)


On Sunday 05 November 2006 6:31 pm, Black CryptoKnight wrote:
> There are some logfiles I'd love to see OSSEC support for log analysis.
> I'll post log samples for them in this thread.
>
> I'd love to see support for analysing Lotus Domino http logs. Attached are
> some log samples for the Lotus Domino Web server (with IP addresses and
> sensitive info modified).



OSSEC project: www.ossec.net.
Mailing list information: http://www.ossec.net/en/mailing_lists.html.