Hacking Linux Exposed

About
Authors
Contents
Reviews
Foreword
Purchase

Articles
Books
Sourcecode
Tools
Errata

Home

 


(view this code in a separate window) 

#!/usr/bin/perl
#
# block_windows_worms.pl
#
# Example of program that can read Apache
# logs and take actions.  Unfortunately, it
# can be tricked into running commands as
# root through the system() call.
#
# Copyright 2002, Bri Hatch
#
# Released under the GPL.  See COPYING file
# for more information.

use strict;
use FileHandle;

open LOG, ">>/path/to/windows_worms.log";
LOG->autoflush(1);

while (<STDIN>) {
	my($IP) = / ( \d+ \. \d+ \. \d+ \. \d+ ) /x;
	my($URI) = /^ \w+ \s (\S+) /x;

	system("iptables -A input -s $IP -j DROP");
	print LOG scalar(localtime), " : $IP : Attempted to access $URI\n";
}