Quoting Marc Perkel <[EMAIL PROTECTED]>:
Ramprasad wrote:
I don't care what it's written in but I'm thinking that xinetd might be easiest. What I want is something to record the IP address of any host connection to port 25. Then going to need it to run a one line script file that runc netcat (nc) and sends me data. Basically I just need te IP address. I have a collector program listening that feeds the blacklist system. The collector is.
Here is a little program I wrote a while back for just this purpose. Change lines 58ff as you see fit for your purposes. I have modified the listening port to 25 and put a plausible looking banner lines on it.
also I have attached an RC file to start it up. Let me know how it works out. jp -- Framework? I don't need no steenking framework! ----------------------------------------------------------------@fferent Security Labs: Isolate/Insulate/Innovate http://www.afferentsecurity.com
porkrind.pl
Description: Perl program
#! /bin/sh
#
#
#
# Source function library.
if [ -f /etc/init.d/functions ] ; then
. /etc/init.d/functions
elif [ -f /etc/rc.d/init.d/functions ] ; then
. /etc/rc.d/init.d/functions
else
exit 0
fi
RETVAL=0
case "$1" in
start)
echo -n 'Starting porkrind '
daemon /usr/local/sbin/porkrind.pl &
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/porkrind || RETVAL=1
;;
stop)
echo -n "Shutting down porkrind "
killproc /usr/local/sbin/porkrind.pl
RETVAL=$?
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/porkrind
echo ""
;;
restart)
$0 stop
$0 start
;;
status)
echo -n "Checking for porkrind "
status /usr/local/sbin/porkrind.pl
;;
*)
echo "Usage: $0 {start|stop|status}"
exit 1
esac
exit $RETVAL
