From owner-cvs-ports@FreeBSD.ORG Thu Aug 28 02:21:15 2003 Return-Path: Delivered-To: cvs-ports@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3ED0516A4BF; Thu, 28 Aug 2003 02:21:15 -0700 (PDT) Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115]) by mx1.FreeBSD.org (Postfix) with ESMTP id BA53343FB1; Thu, 28 Aug 2003 02:21:14 -0700 (PDT) (envelope-from edwin@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.12.6/8.12.6) with ESMTP id h7S9LE0U080435; Thu, 28 Aug 2003 02:21:14 -0700 (PDT) (envelope-from edwin@repoman.freebsd.org) Received: (from edwin@localhost) by repoman.freebsd.org (8.12.6/8.12.6/Submit) id h7S9LEFQ080434; Thu, 28 Aug 2003 02:21:14 -0700 (PDT) Message-Id: <200308280921.h7S9LEFQ080434@repoman.freebsd.org> From: Edwin Groothuis Date: Thu, 28 Aug 2003 02:21:14 -0700 (PDT) To: ports-committers@FreeBSD.org, cvs-ports@FreeBSD.org, cvs-all@FreeBSD.org X-FreeBSD-CVS-Branch: HEAD Subject: cvs commit: ports/security Makefile ports/security/hunch Makefile distinfo pkg-deinstall pkg-descr pkg-install pkg-message pkg-plist X-BeenThere: cvs-ports@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: CVS commit messages for the ports tree List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Aug 2003 09:21:15 -0000 edwin 2003/08/28 02:21:14 PDT FreeBSD ports repository Modified files: security Makefile Added files: security/hunch Makefile distinfo pkg-deinstall pkg-descr pkg-install pkg-message pkg-plist Log: New port: hunch - Scan httpd log files, find vulnerability probes, mail admins Scan Apache log files for CodeRed, Nimda, FormMail, proxy scanners and other malicious probes. For each one found, track down the contact email from WHOIS data and send a notice. Built-in rate controls prevent flooding an admin even when his machines are scanning at high rates. Runs as a non-privileged cron job to not interfere with the HTTP daemon's operation. Notes to committer: 1. This port installs a user and a group "hunch". It doesn't meet the conditions listed in the handbook for a "reserved" uid/gid. 2. portlint will complain about the port. A lot. To the best of my judgment all of the warnings can be ignored with the exception of the one about BATCH which I could find no documentation for. Therefore it is setting IS_INTERACTIVE. PR: ports/44836 Submitted by: Dan Pelleg Revision Changes Path 1.432 +1 -0 ports/security/Makefile 1.1 +33 -0 ports/security/hunch/Makefile (new) 1.1 +1 -0 ports/security/hunch/distinfo (new) 1.1 +97 -0 ports/security/hunch/pkg-deinstall (new) 1.1 +9 -0 ports/security/hunch/pkg-descr (new) 1.1 +229 -0 ports/security/hunch/pkg-install (new) 1.1 +5 -0 ports/security/hunch/pkg-message (new) 1.1 +3 -0 ports/security/hunch/pkg-plist (new)