- Change language to:
After feedback and a little development, 1.2 has seen the light.
#!/usr/bin/perl
###########################################################################
# $Id: check_honeynet-evilcoder.pl,v 1.7 2006/02/10 10:59:51 remko Exp $
###########################################################################
###########################################################################
# Copyright (C) 2005, Remko Lodder <remko at FreeBSD.org>. All rights reserved.
# Copyright (C) 2006, Remko Lodder <remko at FreeBSD.org>. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS “AS IS” AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
###########################################################################
###########################################################################
# Contributors:
# Ivo Naninck,
# Marc Plaisier,
# Mart van de Wege
#
# Script:
# This is a stand alone script written for honeynet.org. It’s purpose is
# to check the listed mirrors to see which one is outdated and notify
# the administrator of the outdated mirror if needed. This way the
# mirrors will always be within a certain timeframe and can be removed
# if they are too outdated.
#
# Mart van de Wege recently told me that it would be nice to have a
# higher level mail module. I do not want to do so because i think
# this script should be as low level as possible, requiring as less
# modules as possible. Making it easier to run this on various
# machines without needing to install the entire CPAN to function.
#
# Written in colaboration with Lance Spitzner <lance at honeynet.org>
###########################################################################
use strict;
use warnings;
use Net::SMTP;
use Getopt::Std;
use LWP::Simple;
###########################################################################
# variables. All configurable options are defined below. Please adjust them
# to your need.
###########################################################################
# create the option hash, we will use that later to add our option flags.
my %option = ();
# Online resources (not everything is used yet).
my $source = ‘http://www.honeynet.org’;
my $sourcefile = ‘/path/to/mirrorprobe.txt’;
my $totalpath = "${source}${sourcefile}";
# path to the local mirrorprobe file
my $probefile = ‘/path/to/mirrorprobe.txt’;
# Timeout and current time declaration
my $timeout = 60*60*24*7;
my $honeynet_ctime = time();
# Email settings.
my $enable_mail = 1;
my $mailhost = ‘caelis.elvandar.org’;
my $ehlohost = "$mailhost"; # The EHLO host is the host used
# for greeting the other server.
# You can use the mailhost, or define
# your own.
# Honeynet mirror admins.
my $honeyadmin = ‘"Lance Spitzner" <lancename@honeynet.org>’;
my $fromaddr = ‘"Remko Lodder" <myname@elvandar.org>’; # Change me before production.
# Version, author and script specific behaviour
my $author = ‘Remko Lodder <myname@elvandar.org>’; # Name of the author, respect the license.
my $name = ‘check_honeynet.pl’; # Our scriptname.
my $version = ‘1.2′; # Our version.
my $verbose = 1; # Do we want to have more info when the script runs?
# Example mirror_list.
my %mirror_list = ( ‘http://www.evilcoder.org’ => ‘youremail@elvandar.org’,
‘http://www.freebsd-nl.org’ => ‘youremail@elvandar.org’
);
###########################################################################
# Do not edit anything below this line unless you know what you are doing.
###########################################################################
getopts("chpt", \%option);
if ($option{c})
{
if (defined $verbose)
{
writeln("$name: Starting");
writeln("$name: Writing timestamp");
}
create_timestamp($probefile);
if (defined $verbose)
{
writeln("$name: Finishing");
}
}
elsif ($option{p})
{
if (defined $verbose)
{
writeln("$name: Starting");
writeln("$name: Processing mirrors");
}
process_mirrors(%mirror_list);
if (defined $verbose)
{
writeln("$name: Finishing");
}
}
# test mode, printout information on screen.
elsif ($option{t})
{
my $enable_mail = 0;
writeln("$name: Starting");
writeln("$name: Processing mirrors");
process_mirrors(%mirror_list);
writeln("$name: Finishing");
}
# People expect a help option, provide it for them.
elsif ($option{h})
{
print_help();
}
# No valid options had been given, fallback to the help
# information.
else
{
print_help();
}
sub print_help
{
writeln("$name");
writeln("Syntax: $name [-c | -h | -p | -t ]\n");
writeln("-c");
writeln(" Create the timestamp for the local machine. This timestamp");
writeln(" can be used to determine when the mirrors were last updated.");
writeln("");
writeln("-h");
writeln(" Print this help information");
writeln("");
writeln("-p");
writeln(" Check the status of the mirrors and report that status.");
writeln("");
writeln("-t");
writeln(" Test mode, do not send emails but print the information on");
writeln(" the screen. This overrides the email settings you might have");
writeln(" set in the file");
writeln("Version: $version");
writeln("Originally written by: $author");
}
sub writeln
{
# Write the string provided in the function
my $message = shift;
print "$message\n";
}
sub create_timestamp
{
my $probefile = shift;
open(F_OUT, "> $probefile");
print F_OUT time();
close F_OUT;
}
sub fetch_data
{
my $source = shift;
my $sourcefile = shift;
my $data = get "${source}${sourcefile}";
if ($data)
{
return $data;
}
else
{
# It seems we encountered an error, give an explaination of what happened
# and exit the program with an error flag raised.
writeln("There were problems fetching the status information from $source");
writeln("We cannot continue right now, the problem will cause the program");
writeln("to exit. Please investigate this.");
exit(1);
}
}
sub process_mirrors
{
my %mirror_time;
my %mirror_list = @_;
for my $target ( sort keys %mirror_list )
{
$mirror_time{$target} = fetch_data($target,$sourcefile);
my $mirror_ctime = $mirror_time{$target};
my $mirror_difftime = $honeynet_ctime - $mirror_ctime;
if ($mirror_difftime < $timeout )
{
writeln("OK: $target\t\tchanged: ");
print scalar localtime($mirror_ctime);
writeln("");
}
else
{
# The email option is enabled and we found an outdated mirror
# jump to the email_report function.
if ($enable_mail)
{
email_report($target,$mirror_ctime);
}
# We do not want to send a email, print a warning instead.
else
{
writeln("BAD: $target\t\tchanged: ");
print scalar localtime($mirror_ctime);
writeln("");
}
}
}
}
sub email_report
{
my $target = shift;
my $mirror_ctime = shift;
my $smtp = Net::SMTP->new("$mailhost", Hello => "$ehlohost");
$mirror_ctime = scalar localtime($mirror_ctime);
$smtp->to("$mirror_list{$target}");
$smtp->data();
$smtp->datasend("EHLO $ehlohost\r\n");
$smtp->datasend("MAIL FROM: <$fromaddr>\n");
$smtp->datasend("RCPT TO: <$mirror_list{$target}>\n");
# We need to sleep a little so that all smtp servers can process the email.
# For example: postfix complains about unauthorized pipelining when this is not defined.
sleep(2);
$smtp->datasend("DATA\r\n");
$smtp->datasend("To: <$mirror_list{$target}>\n");
$smtp->datasend("From: $fromaddr\n");
$smtp->datasend("Subject: $target seems to be outdated, please investigate\n");
$smtp->datasend("\n\n");
$smtp->datasend("Hello $mirror_list{$target},\n\n");
$smtp->datasend("You are recieving this email because your mirror ($target) seems to be outdated.\n");
$smtp->datasend("\n");
$smtp->datasend("At this moment it seems that your mirror was last updated on $mirror_ctime.\n");
$smtp->datasend("Could you please check if everything is working as expected?\n\n");
$smtp->datasend("If there is something wrong or you do no longer wish to be a mirror, please notify $honeyadmin\n\n");
$smtp->datasend("–\n");
$smtp->datasend("Thanks for supporting the efforts of Honeynet\n");
$smtp->datasend("The Honeynet mirror admins\n");
$smtp->dataend();
$smtp->quit;
}