Date: Thu, 28 Aug 2003 02:21:14 -0700 (PDT) From: Edwin Groothuis <edwin@FreeBSD.org> To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: ports/security Makefile ports/security/hunch Makefile distinfo pkg-deinstall pkg-descr pkg-install pkg-message pkg-plist Message-ID: <200308280921.h7S9LEFQ080434@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
edwin 2003/08/28 02:21:14 PDT
FreeBSD ports repository
Modified files:
security Makefile
Added files:
security/hunch Makefile distinfo pkg-deinstall pkg-descr
pkg-install pkg-message pkg-plist
Log:
New port: hunch - Scan httpd log files, find vulnerability probes,
mail admins
Scan Apache log files for CodeRed, Nimda, FormMail, proxy
scanners and other malicious probes. For each one found,
track down the contact email from WHOIS data and send a
notice. Built-in rate controls prevent flooding an admin
even when his machines are scanning at high rates. Runs as
a non-privileged cron job to not interfere with the HTTP
daemon's operation.
Notes to committer:
1. This port installs a user and a group "hunch". It doesn't
meet the conditions listed in the handbook for a "reserved"
uid/gid.
2. portlint will complain about the port. A lot. To the
best of my judgment all of the warnings can be ignored
with the exception of the one about BATCH which I could
find no documentation for. Therefore it is setting
IS_INTERACTIVE.
PR: ports/44836
Submitted by: Dan Pelleg <daniel+hunch@pelleg.org>
Revision Changes Path
1.432 +1 -0 ports/security/Makefile
1.1 +33 -0 ports/security/hunch/Makefile (new)
1.1 +1 -0 ports/security/hunch/distinfo (new)
1.1 +97 -0 ports/security/hunch/pkg-deinstall (new)
1.1 +9 -0 ports/security/hunch/pkg-descr (new)
1.1 +229 -0 ports/security/hunch/pkg-install (new)
1.1 +5 -0 ports/security/hunch/pkg-message (new)
1.1 +3 -0 ports/security/hunch/pkg-plist (new)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200308280921.h7S9LEFQ080434>