Bounce-O-Matic 0.9
Sponsored Links
Bounce-O-Matic 0.9 Ranking & Summary
File size:
0.007 MB
Platform:
Any Platform
License:
GPL (GNU General Public License)
Price:
Downloads:
1266
Date added:
2006-05-08
Publisher:
Kevin Clarke
Bounce-O-Matic 0.9 description
Bounce-O-Matic reads through the system log files at a specified time interval (via cron) and finds unwanted attempted logons. Bounce-O-Matic writes these attempts out to an iptables drop file and emits a drop command to iptables.
Bounce-O-Matic is one solution to a common problem, namely, those hammering attacks that occur, at least occasionally, everywhere. The script tries to be as simple and as easy to use as possible while being versatile and extensible.The script was developed with the idea in mind of getting some immediate results from a basic setup of iptables, ssh, and Snort. This way attackus-interruptus can be achieved as soon as possible and the fancy rule development and firewall tweaking can be done at your leisure, or not at all if this script suits the bill.
At the moment the script only checks two log files, but it could do more, and it handles the following cases, but it could do more :
ssh : invalid user login
ssh : failed user login
ssh : root user login
snort : mysql root user login
snort : portscan (log only)
ftp : admin ; administrator login
ftp : root login
Bounce-O-Matic is written in bash. It is not as elegant as it potentially could be, it does not handle connection attempts (only login attempts), it is not a great example of superstar coding, and it probably will not win any prizes for forwarding the causes of world peace or saving the environment, however, it does get the job done!
Once installed, the script needs very little attention, allowing you to go about your business and stop worrying about attackers.
The script aims to be a fire-and-forget type of solution as well as a good solid first line of defense.
Bounce-O-Matic uses commonly available system utilities to accomplish its task.
awk, grep, sort, uniq, date, cat
and makes use of the following other utilities :
iptables :
this needs to be running, or you wont be able to drop anything.
sshd :
as long as the daemon is running, it defaults to logging AUTH to syslog. So even if you dont use Snort, you can still catch the invalid and failed and root user logon attempts that happen here.
Snort :
I happen to be using Snort version 2.3.3 and logging is being directed to the system log facility
output alert_syslog: LOG_AUTH LOG_ALERT
where the above line turns on the output directive in the snort config file.
Enhancements:
- This release adds bounce protection for ftp admin and root login attempts.
Bounce-O-Matic is one solution to a common problem, namely, those hammering attacks that occur, at least occasionally, everywhere. The script tries to be as simple and as easy to use as possible while being versatile and extensible.The script was developed with the idea in mind of getting some immediate results from a basic setup of iptables, ssh, and Snort. This way attackus-interruptus can be achieved as soon as possible and the fancy rule development and firewall tweaking can be done at your leisure, or not at all if this script suits the bill.
At the moment the script only checks two log files, but it could do more, and it handles the following cases, but it could do more :
ssh : invalid user login
ssh : failed user login
ssh : root user login
snort : mysql root user login
snort : portscan (log only)
ftp : admin ; administrator login
ftp : root login
Bounce-O-Matic is written in bash. It is not as elegant as it potentially could be, it does not handle connection attempts (only login attempts), it is not a great example of superstar coding, and it probably will not win any prizes for forwarding the causes of world peace or saving the environment, however, it does get the job done!
Once installed, the script needs very little attention, allowing you to go about your business and stop worrying about attackers.
The script aims to be a fire-and-forget type of solution as well as a good solid first line of defense.
Bounce-O-Matic uses commonly available system utilities to accomplish its task.
awk, grep, sort, uniq, date, cat
and makes use of the following other utilities :
iptables :
this needs to be running, or you wont be able to drop anything.
sshd :
as long as the daemon is running, it defaults to logging AUTH to syslog. So even if you dont use Snort, you can still catch the invalid and failed and root user logon attempts that happen here.
Snort :
I happen to be using Snort version 2.3.3 and logging is being directed to the system log facility
output alert_syslog: LOG_AUTH LOG_ALERT
where the above line turns on the output directive in the snort config file.
Enhancements:
- This release adds bounce protection for ftp admin and root login attempts.
Bounce-O-Matic 0.9 Screenshot
Bounce-O-Matic 0.9 Keywords
Matic 0.9
system log files
specified time interval
System Log
Log files
time interval
specified time
reads through
log
system
script
root
user
files
Bounce-O-Matic
BounceOMatic
Bookmark Bounce-O-Matic 0.9
Bounce-O-Matic 0.9 Copyright
WareSeeker periodically updates pricing and software information of Bounce-O-Matic 0.9 full version from the publisher, so some information may be slightly out-of-date. You should confirm all information before relying on it. Software piracy is theft, Using crack, password, serial numbers, registration codes, key generators is illegal and prevent future development of Bounce-O-Matic 0.9 Edition. Download links are directly from our publisher sites, torrent files or links from rapidshare.com, yousendit.com or megaupload.com are not allowed
Featured Software
Want to place your software product here?
Please contact us for consideration.
Contact WareSeeker.com
Related Information
windows system log files
object could not be scheduled within the specified time interval
system log files linux
iis log files kill system
linux system log files
system log files windows xp
unix system log files
windows xp system log
iis log files
system log files in linux
xp system log files
log files in linux
system log is full
regularly saves your work on a specified time interval
aix system log files
system log files windows
windows log files
social security system logo
Related Software
Untie is a small tool used to create namespaces and lauch processes in them. Free Download
BootRoot it creates a separate boot and root Linux system. Free Download
QNmap is just another K nmap frontend. Free Download
Local Lyrics is a python based amaroK-script requires amaroK 1.4! Free Download
Podcast Cleanup cleans up old podcast files based on various criteria. Free Download
Score Rated is a rated scoring script that uses the rating as a factor in the scoring process. Free Download
Octave is the GNU Octave language for numerical computations. Free Download
DYS Backup is just a small script to backup your system. Free Download
Latest Software
Popular Software
Favourite Software
