The automated CODERED & NIMDA worm-type detection / track-and-trace utility. It is a utility that passively monitors for CODERED and NIMDA types of attacks. The system features reports as on-screen, file, email, SQL or FTP-uploaded CSVs. Offending hosts can be further investigated with additional reporting tools. These features make it suitable to cluster the system together with other AVIRCAP machines on the network in order to cover multiple subnets.
I found out I need to rename CodeHunt to AVirCAP instead. The old name does not reflect the system's capabilities any longer.
AVirCAP is short for A Virus Capturer.
Source code for CODERED Hunt V1.5 is now finally released as a single zipball, so it's now possible to port this to other platforms without too much hassle.
Please take a look at it and please submit your changes to it.
A new version of CODEHUNT is released, with some small bugfixes but also with a LOT of new features such as EMAIL support and CRON/scheduled tasks.
*FIX Shortcuts fixed for Stop CODERED (Andreas Ott)
*FIX No File output when running nosql=true (Andreas Ott)
*FIX De-installation fix for Start CODERED in Startup folder. (It tried to launch a deleted program after reboot.) (MT)
*NEW CRON Support by using WINCRON by email@example.com
*FIX Some small detail errors in this readme that were referring to the internal release.
*NEW EMAIL support. You can have the reports mailed to you. (DON'T forget you need to enable it)
Input and ideas wanted for improvements of the system. I'm also looking for people who have modified the script with enhancements. I'm curious about what you've done :-)
Version 1.0 is now released to the public.