So, Saturday and today I spend a bit of time updating my honeynet check mirror application, which retrieves information from various mirrors to do an educated guess on when the mirrors did a last sync (all in perspective ofcourse because it doesn’t tell the actual status, but at least it’s a guide, and if properly done, we can see what happends).
That ofcourse doesn’t mean the tool is honeynet only, you can easily change it for your own needs to enlist several own mirrors etc. It’s just that I named it for the honeynet project: check_honeynet, one could argue to name it “evil-mirror-validator” or something (evil- are prefixes of most of my projects).
Anyway: back to the discussion: v1.7 has a new way of parsing configuration records which is rather straight forward. I will be implementing the same for 2.0 (which is actually just a continued development on top of 1.7). This makes use of the Config::Simple module, which enables me to write it all ini-style based (it was already like that, but then resolved more ugly then it is now).
If you browse to the downloads section, you will find it there, with a published web-frontend and so on. If you have any comments please let me know. From what I saw from my local tests this just works fine.
For 2.0 I will be issueing a seperated statistics file, which I will write ini based (from the application) to gather statistics about [ok] [bad] [banned] hosts. This way we can more selectively send messages to the bogus mirror, and even ban them (which could result in an automated removal from the main site for example) if they trigger the (adjustable) thresholds.