RE: The crackers are out there

Thanks a bunch Art.

One more basic question... (and probably not the last). How do you run a
script as a daemon? I know a bit about cron, but haven't done the "run as a
daemon" thing.

--Craig Hasund

-----Original Message-----
From: Arthur Corliss [mailto:acorliss@nevaeh-linux.org]
Sent: Tuesday, November 20, 2007 10:57 AM
To: Craig Hasund
Cc: aklug@aklug.org
Subject: RE: The crackers are out there

On Tue, 20 Nov 2007, Craig Hasund wrote:

> OK, that makes a number of times that I've heard someone mention scripting
> to monitor access and modify the firewall based on observations. How do
you
> do this? Can someone post a simplified script to look for access
criteria
> and modify the firewall based on ip address? I prefer perl or bash, but
am
> not sure the methodology about implementing this type of thing. I also
use
> fedora and iptables.
>
> I would like to play with this but want to understand a working
> implementation before I lock myself out of my systems :)... I've been
> following this list for a long time, but haven't crawled out from under my
> rock until now.

My personal solution, which is configurable, can be retrieved via rsync:

   rsync://rsync/nevaeh-test/src/admin-scripts-0.8.tar.gz
   rsync://rsync/nevaeh-test/src/Paranoid-0.13.tar.gz
   rsync://rsync/nevaeh-test/src/Parse-PlainConfig-2.03.tar.gz

The latter two are required dependencies. Don't use the versions on CPAN, I
haven't uploaded these yet. In the admin-scripts tarball all you really
care about is the autofw.pl and autofw.conf. I also cron a weekly SIGHUP to
the autofw.pl script to reset the connection counters.

My hack is in Perl, BTW. Go figure. ;-)

         --Arthur Corliss
           Live Free or Die

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Tue Nov 20 12:58:18 2007