Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Automated responsible party notification from IDS?

Has anyone heard of / developed scripts for automated notification of third party responsible admininistrators (i.e., whois lookup of offending IP address, abuse.net lookup, etc.) from IDS logs? Seems to me this would drastically increase the amount of work done by a security department and the amount of time free for less automatable tasks.

I'd like to send out canned verbiage indicating the date, time, source IP and signature description, standard legal warnings, etc., and an especially rude message to administrators who still have Code Red-infected machines running on their networks.

1 REPLY
New Member

Re: Automated responsible party notification from IDS?

98
Views
0
Helpful
1
Replies