Security Systems related scripts & softwares
This script uses a custom 404 page that logs the IP address and amount of times it has loaded the 404_error.pl .If someone loads the 404 page 3 times in succession their IP address is logged to the banned_ip_list.log file. Every 60 seconds build_deny_list.pl opens the banned_ip_list.log file and gets the IP address to block. It then generates some C# code, adds that banned IP to the C sharp code, compiles the C code into an executable binary. This C sharp program is actually what adds the IP to the IIS deny list. After the build_deny_list.pl generates and executes the binary, it deletes the original source and executable file.
Displays an ascii art image of a random sequence of letters/digits and asks the visitor to type the sequence in a field provided. If the typed sequence is the same as in the image, the original form script (action) is invoked. Otherwise, the visitor is asked to go back and correct what he/she typed before. VVS requires Perl with the CGI class. It works for any form script written in Perl, independently of whether the script uses CGI or cgi-lib.pl or etc. It also preserves values of arbitrary variables of the environment for use in the original form script.
iWatch is a real-time filesystem monitoring program. It is a tool for detecting changes on filesystem and report it in real time. It uses a simple configuration file in XML format and is based on inotify, a file change notification system in the Linux kernel.
This script was written to help stop automated brute force attacks against your website. Are you tired of seeing www.yourdomain.com... ...cmd.exe in your log files? This script uses a custom 404 page that logs the IP address of the person making the 404 requests and after so many requests it adds that IP to the IIS servers deny list. There is some HOWTO information with the download...Be sure to read the README.html file! This script works against requests made via browser, wget, raw HTTP...maybe more. I updated this script to use a safe.log. You can add Ip's you dont want to ban in the safe log. IP's you might not want to ban are those used by Googlebot or Slurp (yahoo bot).
Find the most common way of hacking and be notified by email/pager around the clock.
Most hackers use /tmp to hack linux servers by writing some file in /tmp directory and call it remotely to play around in your server.
If you are offering shared-hosting or web hosting services on your server, then you are making this much easier for hackers to find access to your /tmp directory. There are many ways of closing or limiting their access to this directory such as running PHP with suEXEC Support. I assume you already know all of those and you have a very secure /tmp directory. However, often hackers find newer ways of accessing this directory. Therefore, it is necessary to check this directory often to make sure nothing is going on without you knowing it. Following script was written to check /tmp directory or any other directory and notify the admin if any un-authorized file exists.
To keep this example simple, we are looking into each file and look for different keywords such as "perl". Keep in mind that this script can only detect files with source, not executables. This is still very useful as most hackers use wget method to write something into this directory.
You could setup a cron-job to run this every few minutes and have it email you as soon as it finds something. Script will also create a log file of what it finds.
Do you have pages that you want to keep visitors off such as login and security pages? Do you want to know as soon as a visitor lands in a particular page because you're just curious? Well, PerlSpy is a script that sends you an email alert the moment someone visits any "marked" page with all the info you need to know about that visitor such as IP, Host DNS, exact time of visit, the referring URL, the browser, OS, ...etc. You can easily "mark" those pages by inserting one line of HTML in them and the script does the rest. PerlSpy is not really a security system, it's not a counter either; it's something in between. Its applications are countless and depend only on your imagination and curiosity. Just don't flood yourself with emails if you're expecting millions of visitors :)
Check the location of input forms. Prevent a hacker from submitting forms from outside your domain/server.
BAD HARVEST is a form-mail CGI script designed to be called from links similar to "mailto:...". It helps you to hide email addresses from "harvesters" (automated email-address collectors) while still providing a convenient way for your visitors to contact you. It does not rely on JavaScript or PHP and works in every browser down to text browsers.
The port checker 1 cgi script will check ports on your computer to see if they are open, closed, or do they responding. This will give you a good indicator as to the status of your computers security status.
The port checker cgi script can check unlimited number of ports. Ports can be easily added or removed in script just by opening it with notepad. Script checks ANY IP address you want, except reseved ones.
Stop Spam! Create unicode email links that are 100% invisable to email collecting robots & spiders.This perl script is a online tool to create email text links and image links. Use the power of unicode to make your email adresses invisable to all spider robots.
|
