13 Mar 10 DynaBlast, and your access_log give you something

If you want an apache httpd server access_log scanner written in C that check for you every IP address that exceed a given number of hits in the last given time period, then DynaBlast is a tool that make sense for you.

This tool, released as usual in GPLv2, can be spawned every minute in crontab without the risk of having two instances running: we make use of a lock mechanism.
It has a fast mode that can skip already parsed line from a consecutive scan, so each time it runs, it play very fast.

In stdout you’ll get the scanning result. Ex:

blacklisted:10.248.220.43
blacklisted:23.212.121.165

You can download DynaBlast from here: http://www.tuxweb.it/?section=progetti/dynablast

Ciao, Dino.

Tags: apache, blacklist, Linux, server, sysadmin
Filed in General news, Linux OS, Sysadmin pills, What's hot with 0 Comments

21 Feb 10 Scandalo, the fast and Simple clamdscan mail frontend

Hi people.
I’m now talking about a simple GPLv2, C written, small program that work as a very fast clamdscan antivirus frontend.

Scandalo can take a mail on standard input and parse it from viruses, piping it to clamdscan.
It then get the virus status from clamdscan and put a mail header called “X-Virus-Ret” returning the virus scanner status.
It also put a mail header called “X-Virus-stream” returning the first virus name found (if any).

You can then setup a rule on your (say, maildrop) mail filter to pipe the incoming mail to scandalo, and another rule to check the return scanned mail header for viruses.
If a virus was found, you can drop the mail, or put it into a .Virus maildir.

If you have any question, I’m the developer of scandalo.
Scandalo – http://www.tuxweb.it/?section=progetti/scandalo&

Write me a note at dino@tuxweb.it.

Ciao, Dino.