|
|
mail admins
Scan Apache log files for CodeRed, Nimda, FormMail, proxy
scanners and other malicious probes. For each one found,
track down the contact email from WHOIS data and send a
notice. Built-in rate controls prevent flooding an admin
even when his machines are scanning at high rates. Runs as
a non-privileged cron job to not interfere with the HTTP
daemon's operation.
Notes to committer:
1. This port installs a user and a group "hunch". It doesn't
meet the conditions listed in the handbook for a "reserved"
uid/gid.
2. portlint will complain about the port. A lot. To the
best of my judgment all of the warnings can be ignored
with the exception of the one about BATCH which I could
find no documentation for. Therefore it is setting
IS_INTERACTIVE.
PR: ports/44836
Submitted by: Dan Pelleg <daniel+hunch@pelleg.org>
|
