Supratim Sanyal tuklusan
tuklusan
/ httpd410server.c
Last active
September 22, 2016 15:42
Complete discussion about this program is in my blog entry at http://supratim-sanyal.blogspot.com/2016/07/httpd410server-tiny-free-web-server-to.html - httpd410server: A TINY FREE WEB SERVER TO ALWAYS RETURN HTTP ERROR LOCALLY FOR DNS BLACKLIST REDIRECTION AND LOGGING
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* +++ | |
| Supratim Sanyal's Brain Damaged web server | |
| - ALWAYS RETURNS HTTP 410 (GONE) TO THE CLIENT - | |
| - USE FOR DNS REDIRECTED MALWARE AD BLOCKER BLACKLIST IMPLEMENTATIONS | |
| - Listens on ports http port 80 and https port 443 | |
| - | |
| - To build: gcc -o httpd410server -lpthread httpd410server.c | |
| - | |
| - See http://supratim-sanyal.blogspot.com/2016/07/httpd410server-tiny-free-web-server-to.html for details | |
| - I can be reached at http://mcaf.ee/sdlg9f |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Sep 16 04:25:40 anubis-clearos /usr/local/bin/httpd410server[25758]: /usr/local/bin/httpd410server starting up | |
| Sep 16 04:25:40 anubis-clearos /usr/local/bin/httpd410server[25758]: setgid to [99] ok | |
| Sep 16 04:25:40 anubis-clearos /usr/local/bin/httpd410server[25758]: setuid to [99] ok | |
| Sep 16 04:25:40 anubis-clearos /usr/local/bin/httpd410server[25758]: HTTP listen FD: 4 | |
| Sep 16 04:25:40 anubis-clearos /usr/local/bin/httpd410server[25758]: HTTPS listen FD: 5 | |
| Sep 16 04:25:41 anubis-clearos /usr/local/bin/httpd410server[25758]: HTTP connection on FD 4 | |
| Sep 16 04:25:41 anubis-clearos /usr/local/bin/httpd410server[25758]: HTTP connection on FD 4 | |
| Sep 16 04:25:41 anubis-clearos /usr/local/bin/httpd410server[25758]: connection_handler[1]: starting | |
| Sep 16 04:25:41 anubis-clearos /usr/local/bin/httpd410server[25758]: HTTP connection on FD 4 | |
| Sep 16 04:25:41 anubis-clearos /usr/local/bin/httpd410server[25758]: connection_handler[1]: accept ok server FD 4 on client FD 6 |
tuklusan
/ httpd410server
Created
September 15, 2016 16:51
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # | |
| # httpd410server Start/Stop the httpd410server daemon. | |
| # | |
| # chkconfig: 2345 90 60 | |
| # description: httpd410server is a minimal http server to ALWAYS return HTTP 410 (Gone) | |
| # to client URI requests. It can thus be used as a fallback server for | |
| # DNS redirected blacklist implementations using dnsmasq, dansguardian etc. | |
| # and malware / attack domain lists like from emerging threats, | |
| # yoyo etc. |
tuklusan
/ cowsayd.c
Last active
October 5, 2016 00:30
Complete description of Free Online Public FORTUNE - COWSAY Server : Fun with TELNET and C/C++ Linux Multi-threaded Socket Server Programming (CentOS 7) is at http://supratim-sanyal.blogspot.com/2016/09/free-online-public-fortune-cowsay.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* +++ | |
| Supratim Sanyal's COWSAY server | |
| - If a connection is made to its network port, and if fortune and cowsay are | |
| - installed, this waits for some input and returns a random fortune cookie formatted by cowsay | |
| - | |
| - to build: gcc -o cowsayd -lpthread cowsayd.c | |
| - on Centos 7, install fortune with yum install fortune-mod | |
| - and install cowsay from rpm at http://www.melvilletheatre.com/articles/el7/ | |
| - | |
| - derived from Brain Damaged web server (http://supratim-sanyal.blogspot.com/2016/07/httpd410server-tiny-free-web-server-to.html) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/sh | |
| # | |
| # cowsayd Start/Stop the cowsayd daemon. | |
| # | |
| # chkconfig: 2345 90 60 | |
| # description: cowsayd is a minimal telnet server to return a fortune+cowsay cookie and exit | |
| # Supratim Sanyal - supratim at riseup dot net | |
| # Copy this to /etc/init.d, chmod +x and chkconfig --add. | |
| # | |
| # Source function library. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # /etc/profile.d/custom.sh - get a fortune-cowsay message on logging in | |
| if [[ $(which cowsay > /dev/null ; echo $?) -eq 0 ]] && [[ $(which fortune > /dev/null ; echo $?) -eq 0 ]] ; then | |
| cowsay -f $(ls $(cowsay -l | awk 'NR==1 {print $4}' | sed 's/://') | shuf -n1) $(fortune) | |
| echo | |
| fi |
tuklusan
/ jail.local
Last active
September 22, 2016 12:36
Configure intrusion attempts to CentOS 7 server using fail2ban with reporting to blocklist.de - described at http://supratim-sanyal.blogspot.com/2016/09/fail2ban-for-centos-7-with-ip-and.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # | |
| #/etc/fail2ban/jail.local | |
| # | |
| [DEFAULT] | |
| banaction = iptables-ipset-proto4 | |
| # Whitelist private IPs, blocklist.de IPs and Uptime Robot IPs | |
| ignoreip = 127.0.0.1/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 89.149.254.157 89.149.237.105 89.149.242.40 80.67.29.225 80.67.16.214 78.46.95.41 89.149.201.23 85.181.13.140 178.63.159.40 78.46.91.247 78.46.91.239 69.162.124.226 69.162.124.227 69.162.124.228 69.162.124.229 69.162.124.230 69.162.124.231 69.162.124.232 69.162.124.233 69.162.124.234 69.162.124.235 69.162.124.236 69.162.124.237 69.162.124.238 46.137.190.132 122.248.234.23 188.226.183.141 178.62.52.237 54.79.28.129 54.94.142.218 104.131.107.63 54.67.10.127 54.64.67.106 159.203.30.41 46.101.250.135 108.31.82.24 |
tuklusan
/ fail2ban.local
Last active
October 21, 2016 15:03
Fail2Ban Intrusion Prevention on Solaris 11 OPENINDIANA SunOS 5.11 Illumos with Reporting to Blocklist.de: http://supratim-sanyal.blogspot.com/2016/09/fail2ban-intrusion-prevention-on.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # /etc/fail2ban/fail2ban.local | |
| # solaris 11 openindiana | |
| # See http://supratim-sanyal.blogspot.com/2016/09/fail2ban-intrusion-prevention-on.html for details | |
| [Definition] | |
| logtarget = /var/adm/fail2ban.log | |
| #loglevel = DEBUG | |
| loglevel = INFO |
tuklusan
/ jail.local
Last active
October 21, 2016 15:16
Fail2Ban Intrusion Prevention on Solaris 11 OPENINDIANA SunOS 5.11 Illumos with Reporting to Blocklist.de: http://supratim-sanyal.blogspot.com/2016/09/fail2ban-intrusion-prevention-on.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # /etc/fail2ban/jail.local | |
| # solaris 11 openindiana | |
| # See http://supratim-sanyal.blogspot.com/2016/09/fail2ban-intrusion-prevention-on.html for details | |
| [DEFAULT] | |
| # "ignoreip" can be an IP address, a CIDR mask or a DNS host. Fail2ban will not | |
| # ban a host which matches an address in this list. Several addresses can be | |
| # defined using space separator. | |
| # Whitelist private IPs, blocklist.de IPs and Uptime Robot IPs | |
| # ignoreip = 127.0.0.1/8 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 |
tuklusan
/ mail-whois-common.local
Created
September 22, 2016 16:02
Fail2Ban Intrusion Prevention on Solaris 11 OPENINDIANA SunOS 5.11 Illumos with Reporting to Blocklist.de: http://supratim-sanyal.blogspot.com/2016/09/fail2ban-intrusion-prevention-on.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # /etc/fail2ban/action.d/mail-whois-common.local | |
| # solaris 11 openindiana | |
| # See http://supratim-sanyal.blogspot.com/2016/09/fail2ban-intrusion-prevention-on.html for details | |
| [DEFAULT] | |
| _whois = whois n <ip> || echo "missing whois program" |
OlderNewer