freebsd-ports/security/hunch/pkg-message
Edwin Groothuis efe705504a New port: hunch - Scan httpd log files, find vulnerability probes,
mail admins

	Scan Apache log files for CodeRed, Nimda, FormMail, proxy
	scanners and other malicious probes. For each one found,
	track down the contact email from WHOIS data and send a
	notice. Built-in rate controls prevent flooding an admin
	even when his machines are scanning at high rates. Runs as
	a non-privileged cron job to not interfere with the HTTP
	daemon's operation.

	Notes to committer:
	 1. This port installs a user and a group "hunch". It doesn't
	 meet the conditions listed in the handbook for a "reserved"
	 uid/gid.
	 2. portlint will complain about the port. A lot. To the
	 best of my judgment all of the warnings can be ignored
	 with the exception of the one about BATCH which I could
	 find no documentation for. Therefore it is setting
	 IS_INTERACTIVE.

PR:		ports/44836
Submitted by:	Dan Pelleg <daniel+hunch@pelleg.org>
2003-08-28 09:21:14 +00:00

5 lines
179 B
Text

Note that some WHOIS servers have specific
terms of use, which they assume you to have
accepted by issuing a query. Do not use
this package if you do not agree to those
licenses.