Currently in Alpha Testing - BreakScripts Script (BSS)
Hi all,
I've been working on a script breaking script that works on all types of scripts that I'm aware of. (For example: .cgi .php .pl .sh .php2 .php3 .php4 .phps4 .php5 .mv .ncmv .shtml .phtml). So now when a spammer signs up and uploads the goods, it won't matter what he tries to do, things just won't work (except of course regular POP mail, but if he tries that my watch mail script will notify me of that).
This script is to replace BreakCGI and BreakPHP. I will gladly provide free upgrades to anyone who has purchased either of these scripts. Please write to my support address if you're interested in getting the free upgrade (this offer good for a limited time, until version 2.x is created).
This script watches the last X sign ups. When a new account is created, it immediately goes in and disables the ability to run the most commonly used scripts. If the user tries to re-enable scripts, it will disable it again and again until one of two things happen.
1) you white list the user.
2) They become the last X + 1 sign up. In other words, if you want to automatically disable scripting on the last 2 sign ups, all but the last 2 sign ups will have their scipting disabled. If you get a new sign up, the third from the last sign up will have their script re-enabled automatically.
Any feed back is welcomed.
New: Script Breaking Script
Moderators: BBear, theunknownhost, flaguy
-
Arf
- Official Test Penquin
- Posts: 9103
- Joined: Tue Apr 09, 2002 12:00 am
- Location: IDAHO, USA
- Contact:
Minor update:
I've also written a companion daemon program which grabs a very tiny footprint in memory (so small you'll probably never see it in top). While the regular program runs every X minutes, the daemon "can" run as a backup running every X seconds. I recommend 5 to 15 seconds (configured in the config.sh file). A good hacker will figure out how the scripts are being broken and try to circumvent it to re-enable scripting. This wouldn't be outside the relm of possibilities. However, the daemon will quickly identify such changes, circumvent this and notify you of the incident by email.
Even without the daemon, the program will similarly identify such changes and re-enable script blocking but window of oportunity is a little wider in this case.
I've also written a companion daemon program which grabs a very tiny footprint in memory (so small you'll probably never see it in top). While the regular program runs every X minutes, the daemon "can" run as a backup running every X seconds. I recommend 5 to 15 seconds (configured in the config.sh file). A good hacker will figure out how the scripts are being broken and try to circumvent it to re-enable scripting. This wouldn't be outside the relm of possibilities. However, the daemon will quickly identify such changes, circumvent this and notify you of the incident by email.
Even without the daemon, the program will similarly identify such changes and re-enable script blocking but window of oportunity is a little wider in this case.
Who is online
Users browsing this forum: No registered users and 1 guest