hunch 1.1.8 security =3

IS INTERACTIVE: yes
Scan httpd log files for vulnerability probes, mail admins
Maintained by: daniel+hunch@pelleg.org
Port Added: 28 Aug 2003 09:21:58
License: not specified in port

---

---

Scan Apache log files for CodeRed, Nimda, FormMail, proxy scanners and
other malicious probes. For each one found, track down the contact email
from WHOIS data and send a notice. Built-in rate controls prevent flooding
an admin even when his machines are scanning at high rates. Runs as a
non-privileged cron job to not interfere with the HTTP daemon's operation.

WWW: http://www.cs.cmu.edu/~dpelleg/hunch.html

CVSWeb : Sources : Main Web Site : Distfiles Availability : PortsMon

---

NOTE: FreshPorts displays only required dependencies information. Optional dependencies are not covered.
Required To Build: lang/perl5.8
Required To Run: net/p5-Net, lang/perl5.8
There are no ports dependent upon this port

---

To install the port: cd /usr/ports/security/hunch/ && make install clean
To add the package: pkg_add -r hunch

---

Configuration Options

     No options to configure

---

Master Sites:

http://s89813419.onlinehome.us/

http://www.cs.cmu.edu/~dpelleg/download/

ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/distfiles/

The vast majority of pkg-descr files had the following format when they
had both lines:

Author: ...
WWW: ....

So standardize on that, and move them to the end of the file when necessary.

Also fix some more whitespace, and remove more "signature tags" of varying
forms, like -- name, etc.

s/AUTHOR/Author/

A few other various formatting issues

-remove MD5

NO_PACKAGE is not appropriate here

- Update to 1.1.8

PR:             ports/90750
Submitted by:   Dan Pelleg <daniel+hunch@pelleg.org> (maintainer)

Chase URLs per distfile survey.

Update to 1.1.7.

PR:             ports/71353
Submitted by:   Dan Pelleg <daniel+hunch dot pelleg dot org> (maintainer)

Update to 1.1.6

PR:             ports/70706
Submitted by:   maintainer

- Update to version 1.1.5

PR:             ports/65823
Submitted by:   maintainer

SIZEify (maintainer timeout)

- Update to 1.1.4

PR:             61842
Submitted by:   maintainer

- Update to 1.1.3
- Add MASTER_SITES

While I'm here:
- Re-arrange Makefile variables
- Shorten COMMENT to fit the limit
- Remove unnecessary WRKSRC (default value)

PR:             59798
Submitted by:   maintainer

update security/hunch: 1.1 -> 1.1.1

PR:             57917
Submitted by:   Dan Pelleg <daniel+hunch@pelleg.org> (maintainer)

- Update to version 1.1

PR:             57575
Submitted by:   maintainer

New port: hunch - Scan httpd log files, find vulnerability probes,
mail admins

        Scan Apache log files for CodeRed, Nimda, FormMail, proxy
        scanners and other malicious probes. For each one found,
        track down the contact email from WHOIS data and send a
        notice. Built-in rate controls prevent flooding an admin
        even when his machines are scanning at high rates. Runs as
        a non-privileged cron job to not interfere with the HTTP
        daemon's operation.

        Notes to committer:
         1. This port installs a user and a group "hunch". It doesn't
         meet the conditions listed in the handbook for a "reserved"
         uid/gid.
         2. portlint will complain about the port. A lot. To the
         best of my judgment all of the warnings can be ignored
         with the exception of the one about BATCH which I could
         find no documentation for. Therefore it is setting
         IS_INTERACTIVE.

PR:             ports/44836
Submitted by:   Dan Pelleg <daniel+hunch@pelleg.org>

12 vulnerabilities affecting 17 ports have been reported in the past 14 days

^* - modified, not new

All vulnerabilities