2008 June

Politiek (NL versie)

On June 30, 2008, In Weblog, by Remko

Normaal gesproken probeer ik me zoveel mogelijk afzijdig te houden van de politieke perikelen in het land. Ik denk dat een IT’er zich niet 123 bezighoud met de politieke situatie in een land. Ik zie dat gewone (Echte) contributors, ontwikkelaars en gebruikers gelijk zijn, ongeacht ras, politiek, religie, handicap etc. Dat is bijna niet mogelijk in de gewone wereld!

Buiten dat, de politieke situatie in Nederland veranderd dramatisch; Jan Modaal wordt hard geraakt, en de mensen die minder verdienen worden nog harder geraakt. De politieke leiding legt uit dat alles gewoon normaal is; dat niemand zich zorgen hoeft te maken etc. Maar ze vergeten misschien dat ze veel meer verdienen dan de groepen die ik zojuist opnoemde. Een verhoging van belastingen (daarover later meer) heeft op hun veel minder effect dan op de gewone man.

In Nederland hebben we de hoogste belastingen op benzine, een kleine 70% van het totale bedrag dat betaald wordt aan de pomp, gaat naar de staats-kas. In plaats van dat dat gebruikt wordt om de wegen etc te verbeteren, wordt er maar een klein deel gebruikt om dit soort activiteiten te ontplooien.

We hebben ook een zogenoemde milieu tax, verpakkings belasting, uniek in nederland, levert het land een kleine 18 miljard op. Dit zou gebruikt moeten worden om de natuur etc te verbeteren, maar helaas nog geen 1% van de opbrengsten worden hiervoor gebruikt. Wouter Bos lacht zich rot.

Normale belastingen gaan ook omhoog naar 20%, eten en andere belangrijke elementen zijn gemiddeld tussen de 6% en 30% gestegen.

De salarissen in het land zijn globaal gezien gestegen tussen de 2 en 5% (mijn gok, waarbij er ook groepen gewoon al jaren GEEN salaris verhoging krijgt); wat de duurdere prijzen nergens compenseert.

Dus in het kort, alles wordt veel duurder, de mensen worden uitgemolken in plaats van geholpen en niemand die opstaat om hier wat tegen te doen. Het is tijd dat daar wat aangedaan wordt. IEMAND moet opstaan en tegen dit politieke debakel vechten!

Een ander onderdeel van mijn klaagzang is dat de europese mensen een duidelijke NEE hebben gezegd tegen de europese grondwet. Eerst frankrijk en nederland door een publiekelijk referendum, daarna ierland. De nederlandse politieke leiding heeft echter de NEE verworpen en gezegd dat met een beetje constructief woord-aanpassen we alsnog JA kunnen zeggen tegen de grondwet. Tegen ierland is gezegd dat men waarschijnlijk een foutje heeft gemaakt want NEE is een vergissing. Men moet de poging maar opnieuw doen want dit is niet acceptabel. Hoe moeilijk kan het zijn om een NEE te begrijpen? Vast en zeker de politieke leiding die problemen ziet met hun inkomsten als europa er niet komt. Wordt toch wakker! De mensen hebben gezegd NEE, accepteer dat. Democratie is het vertegenwoordigen van de mensen van het land, deze zeggen NEE.

Ik word doodziek van de politieke leiders van dit land. Echter helaas heb ik te weinig kennis en ervaring om hierin iets te veranderen, wat ik echter wel weet is dat zolang er niemand opstaat, het leven alleen maar slechter wordt de komende jaren. Het land zal zich moeten verenigen en een vuist moeten maken!

Zo, tot zover mijn eerste (en misschien ook wel enigste) klaag-blog over de politieke situatie in Nederland. Voor engelstalige mensen is er ook een engelse versie beschikbaar.

Tagged with: Politiek

Politics

On June 30, 2008, In Weblog, by Remko

Normally I try to get away from the political situation in the country as much as possible. I feel that IT employee’s, shouldn’t actually bother with the political situation in a country. I see normal contributors, developers, users (not the whacked people that also pop up every now and then) as equal’s, independent by race, politics, religion, handicap, whatever. Something that is nearly impossible in the regular world.

That aside: the political situation in the Netherlands is changing dramatically. “Jan Modaal” is struck hard, not to mention the even less-earning people. The political leaders explain that everything is just regular, no worries etc. But they seem to forget that their salaries are much much higher then most people in the country, so increasing taxes (more on that later); doesn’t affect them as much as it does me, or others.

In the Netherlands we have the highest tax rate on the gasoline’s, a near 70% of the entire amount payed for gasoline flows to the state. Instead of it helping to improve roads and resolve traffic problems, just a limited amount of that money is being used to improve the roads et all.

We also have a few nature taxes, wrapping taxes which is unique in the Netherlands, provided the country with a near 18 billion euro’s. It should be spend on improving nature and stuff. But not even 1% is being used for that.

Regular tax-fee’s also increase to 20%, food and other important assets had an increase in prize that starts with 6% and stops at around 30%.

Salaries in the country globally rose with around 2 to 5% (my guess), which does not compensate the food increment prices at all.

So in short, everything is getting much more expensive, people are milked out instead of being helped, and no one actually stands up! It’s time to change that, someone has to stand up and offer resistence to this political debacle.

Another point of my ranting is that the European people said a loud NO to the European Consitution, first France and The Netherlands by public referendum, now Ireland as well. The Netherlands (Political team) rejected the NO and said “with a little word-smithing, we DO say YES to the consitution), towards Ireland it had been told: “it was a mistake, you should redo this, because you actually didn’t say no”. How hard can a NO be? Very hard in the opinion of the money-greeding people in the parlements. They see their profit drop in case the european constitution or whatever it is going to be called isn’t getting true. WAKE UP. The people said NO, ACCEPT THAT.

I get sick and tired of this country’s political leaders, sadly I lack knowledge and experience to really change something, but I do know that in case nobody steps up, life is getting much worse the upcoming years. The country has to unite, and pick a stand.

So far my first (and perhaps only) ranting about the political situation in the Netherlands. I will also translate this to the Dutch language for native readers.

Tagged with: Politics

AviFauna

On June 29, 2008, In Weblog, by Remko

Friday we have been to Avifauna with Luca, a very nice day and a really good idea if you want to see some really nice birds! One of the examples is below:

Tagged with: avifauna • birds • luca

Current projects

On June 29, 2008, In Weblog, by Remko

I am currently working on a lot of projects,

At work I am involved with Cisco/Netscreen’s and Fortigate’s,

I am preparing two different presentations
- one for EuroBSDCon together with Tom Scholten (who did most work so far)
- one for an upcoming BSD-event in the netherlands, on the 13th of december in Utrect, BE THERE ), – I am also trying to help with the BSD-event (assisting the organisers).

Personally:
- I am also working on writing an article that should help parents getting more insight in what their kids are doing online, and what simple grounds one can have to “Defend” the kid against nastiness on the internet (recently a topic was shown within the netherlands that certain people try to own webcam’s of kids so they can see them naked after showering. Horrible!),
- I am trying to write a firewall management environment (distributed) which can be used by pfSense and just regular BSD environments. I think that can really add up to the usage of *BSD related firewalls
- I am also continuesly developing the freebsd dutch documentation project
- Doc work, WWW work, Secteam work, secteam-secretary work (slacking there), src/ work and MFC’s
- I need to get some appointments going so that I have a better agenda again
- Doing an exam in the near future again..
- Making some nice pictures of flowers and things in the environment here
- Ranting about the political situation in the Netherlands, I’ll try to write an article about my view on what is happening (trying to get only facts and not my opinion, because that shouldn’t matter).
- Trying to see Denise and Luca as much as possible (ofcourse )

Life’s busy, but it keeps me going ,

Tagged with: Article • Firewall • FreeBSD • Management • Projects

FreeBSD Core Team

On June 29, 2008, In FreeBSD, by Remko

So, I recently added myself as a candidate for the FreeBSD Core Team, giving a short explaination about why I can be of help in my opinion . So far 27% of all people had voted, so I hope that more people will vote to get the best team possible (With or without me ofcourse).

May the best team win

Recent experiences

On June 15, 2008, In Technical, by Remko

So, recently I obtained several new experiences .

I am working with Fortigate machines (AFA1000′s) and Juniper Netscreen SSG550′s, which are both great machines to work with. I touched a couple of netscreens just a week before I started my new assignment, and now I work full time with them. Beyond that I also try to support the team I am in now with cisco/networking knowledge so that the team can keep on rolling (even if the grand-master will be on holiday within 2 months from now).

Apart from the work experience I also did some work in perl again and finished up check_honeynet.pl v2.0.3b (Which will eventually become v2.0) and I am playing around with svn and mirroring subversion stuff (For FreeBSD and my own projects).

Seeing my upcoming agenda makes it a bit challenging to properly give all my activities enough time, but I am sure I Can manage that just fine.

Tagged with: Fortigate • Fortinet • Honeynet • honeynet.pl • Juniper • Netscreen • Perl • SSG550

The BSDCan conference writeup

On June 14, 2008, In FreeBSD, by Remko

After writing my previous post, I thought it would be better to writeup a single (longer) story that covered all days instead of just one (OK it got delayed a bit )

“The life of two FreeBSD Developers and a girlfriend traveling towards BSDCan”

BSDCan is one of the biggest BSD meetings / events in the year, many developers and contributors visit this event to share thoughts and express their opinions about whatever comes to mind.

The developers are: Ed Schouten, Remko Lodder and the girlfriend is Denise (my girlfriend)

On the 13th of may 2008, it was that time. We were going to fly with the three of us to Canada to visit the FreeBSD Developers Summit (which was planned just before the official conference) and the BSDCan Conference. Both Ed and my employer (Snow BV) asked us whether we wanted to participated in this conference and ofcourse we wanted to do so. For Ed this has a positive input on his final internship at our company, and for me it’s an opportunity to guide Ed along the path of FreeBSD, and to finally meet several people that I never met before (because they never visit Europe for example).

Thanks a lot for facilitating us Snow! We greatly appreciated it and we had a great conference!

Snow thought it was a great idea to let Ed travel to Canada to present his upcoming mpsafetty work to the developer crowd. I was also asked by the FreeBSD developers and by Snow to travel towards Canada, to guide Ed and to meet my fellow developers, some of which I had never seen before, Denise also wanted to travel along and Snow arranged everything so that we could actually go with the three of us…

The travel started very early, Denise and I needed to fetch the plane at 0715, to fly through London Heathrow towards Ottawa Airport. Ed had a flight later, and joined us at Heathrow airport before we left to Canada. We ate a bit, spotted some fellow FreeBSD members (Robert Watson, Doug Rabson and Poul-Henning Kamp), they were going to have the same plane as us (poor them ).

The flight towards canada was a line-flight, not entirely full, so we had space near the emergency exits, and we also had a couch for the three of us. Plenty of space! Robert Watson had a entire couch for himself, which he used to workout some details (on his laptop).. Denise, Ed and I listened to music, watched a movie (in our personal entertainment system onboard of the plane) and talked a lot.

After arriving in Canada, we started the procedure to adopt to the time, in the Netherlands it was already late in the evening, while it was just noon in Canada. Very interesting to see if you never experienced it before.. We also had great fun at immigrations, we were seperated, and Denise got asked why she was traveling to canada etc. She said she visited the BSDCan event to meet other FreeBSD people, luckily for her they didn’t ask much beyond that, because simply she doesn’t now . Robert, Doug and Poul-Henning where lucky to get picked up by Dan Langille (The BSDCan organiser); and we took the bus towards the university, a nice ride, with special lanes for the busses (dutch government, are you listening!?).

At the university we checked in, and put out all our stuff, and tried to find the other nerds that were also there. We found them at the Royal Oak (A cafe nearby), where we ate, drank and after a while returned to the residence to almost instantly fall asleep.

Ed and I woke up in the middle of the night, myself at 0400AM (canada time) and Ed at 0500AM, strange time to wake up, but it was already 10/11am in the Netherlands. That didn’t make us feel that well yet , the breakfast was served for the three of us.

Ed and I visited the two day FreeBSD Developers summit, a meeting of FreeBSD Developers and invited guests, while Denise traveled through Ottawa to see what was happening there. On the first day, Ed gave a talk about his project, and funnily enough, no resistance popped up. He even got support from various people that he should proceed, and finish this up and all. Very well presented and the results were terrific.

Other talks that day: GreenBSD (energy reducing development for FreeBSD), finstall, kernel booting through http, FreeBSD Embedded status update, Network Stack BoF, Bugbusting/Gnats BoF, Profiling and Debugging tools, release packaging tools, VImage & Virtualization BoF.

A productive first day, with very interesting topics. Later that day Denise and I headed out for dinner, while Ed joined the community and had dinner with them. Denise and I got accompanied by Colin Percival (FreeBSD’s Security Officer), we walked to the Royal Oak, had some good talks with the three of us and where we got later joined by Ed. We walked around a bit and had a drink here and there, and again headed to bed early, we needed to be fit for the second developers day.

The second day was again covered by multiple interesting talks:

Transparant TCP interception, NFS Lock manager, FreeBSD Foundation Update, What’s happening in the world of ports and portsmgr, TCP SMP Scalability en Revising Revision Control (about the big move from CVS to SVN, which happened in the timeframe between Canada and now). Ed and I also visited the syscons/input BoF, where we could speak natively, accompanied by Philip Paeps and Marcel Moolenaar. We also saw a practical example of Coverity, and we finally concluded the day with Denise and all developers in the Indian restaurant nearby the residence. One should ask Ed for his Cowboy Act, the people from Isilon can surely remember that part .

The third day was the real opening of BSDCan itself, again multiple talks where given by developers and interested people in the BSD community. Ed and I spoke with an Apple developer about llvm, a BSD licensed C(++) compiler. Very interesting talk with the three of us. I also took part in the BSDA certification (which I (ofcourse) got).

In the evening the three of us (Ed, Denise and I) went to the Hardrock cafe, where we ate a nice big american burger, needed to show our ID’s while ordering beer (ehm I have a 5 year old kid…).

The fourth day we spend visiting the city a bit. We didn’t had the regular breakfast but had a sneakpeak at Cora’s. Here one should eat when he is in Ottawa. Very nice (and MUCH) food! After that we phoned home and visited the city with an amphibious bus, which drove us through the city. Very good way to see a lot of the city in one go. We also visited the river a bit (hey the bus could float, lets use that). After that we returned to the university and where just in time to see the closing ceremony. A funny rehash of what all happened during BSDCan, an auction for the homeless people near the university (Where a core-signed cap was worth 260dollars! and a few shirts 100+ dollars). Again we concluded the day with the three of us (Denise needed to spend time with us after being alone for much of the period) which we did at an Italian restaurant. Good food again!

The fifth day was our final day in Canada. We packed our suitcases, got hold of Brad Davis and his friend, who hold a table in Cora’s for us, where we again had (HUGE) breakfast. After that we walked around a bit in the city, saw some places we didn’t see the day before, and returned to the residence to pickup our stuff, and returned to the airport, with Peter Wemm and Doug Rabson near us.

We had a great flight back with a couple of developers, Bjoern Zeeb made some evil pictures of the crowd, try to find them

to conclude: YOU MUST BE AT BSDCAN NEXT YEAR MMKAY?

New check_honeynet version released

On June 4, 2008, In Weblog, by Remko

It’s that time again, I released an alpha version for check_honeynet v2.0 (v2.0.a2 to be exact); which adds some minor new stuff to the setup. Next thing is to extend the minor new stuff (statistics, we dont warn everytime anymore, and stuff like that) and rewrite the entire codebase so that it’s even easier to use and read (hopefully); with as less packages (Externally) as possible (one should not have to install the entire perl-cpan repository to be able to use the script

Check it out in the downloads section!

check_honeynet v2.0.a2

On June 4, 2008, In Downloads, by Remko

Release 2.0.a2 (Alpha quality) for check_honeynet is here , go check it out!

PLAIN TEXT

PERL:

#!/usr/bin/perl
# $Id: check_honeynet.pl 801 2008-06-03 20:40:53Z remko $
###########################################################################
###########################################################################
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
#
# THIS SOFTWARE IS PROVIDED BY AUTHOR AND CONTRIBUTORS ``AS IS'' AND
# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL AUTHOR OR CONTRIBUTORS BE LIABLE
# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
# SUCH DAMAGE.
###########################################################################
###########################################################################
# Contributors:
# Ivo Naninck, (Language), Marc Plaisier (language), Mart vd Wege (Mailer
# suggestion),
# Lance Spitzner (the most valueable feedback regarding the script).
# Richard Arends (suggested the actual perl mailer; and gave a good example
# on how to use the module),
# Robert Blacquiere (showed me Simple::Config, which I am using now to
# obtain configuration informatin, as well as write statistics to a
# temporary file)
#
# Script:
# This is a stand alone script written for honeynet.org. It's purpose is
# to check the listed mirrors to see which one is outdated and notify
# the administrator of the outdated mirror if needed. This way the
# mirrors will always be within a certain timeframe and can be removed
# if they are too outdated.
#
# Written in colaboration with Lance Spitzner <lance@honeynet.org>
###########################################################################
###########################################################################
# Differences between releases, started this between 1.5 and 1.6 sorry
# for the loss of potential usefull information (although I might be able
# to retrieve the missing data from my CVS branches).
# Note that all the three version based versions are just bugfixes to some
# degree.
# Version Who What
# 1.1 Remko Initial script to check the mirrors.
# 1.1->1.2 Remko
# 1.2->1.3 Remko
# 1.3->1.4 Remko
# 1.4->1.5 Remko Code cleanups, restructure of code; corrected
# some bugs between various releases spotted
# by Lance.
# 1.5->1.6 Remko Cleanups, changed structure for timestamp
# retrieval; make it human readable and match
# on a specific pattern. Made the version dependend
# on the configuration version and visa-versa
# to be able to make big config changes.
# BF-1: Fix the email send options by using the
# correct Net::SMTP commands.
# BF-1: Fix the parsing of the new mirrorprobe
# layout.
# BF-2: Change the Mailer used to send out the
# report.
# 1.6->1.7 Remko Implement Config::Simple, makes configuration
# much easier!
# 1.7->2.0 Remko a1: Implement that we can trace various sites with
# multiple problems more easily by using a
# semi-persisent configuration file. This brings
# the entire branch to an entirely new world.
# Which is why we bump the version to 2.0
# a2: Implement file-statistics checker, if the
# file does not exist yet, we need to make sure
# we know and that we can bypass certain readins
# so that we are not going to get into trouble
# later on.
###########################################################################
use strict;
use warnings;
use LWP::Simple;
use Getopt::Std;
use Mail::Sendmail;
use Config::Simple;
###########################################################################
# variables. All configurable options are defined below. Please adjust them
# to your need.
###########################################################################
# Version, author and script specific behaviour
my $author = 'Remko Lodder <remko@FreeBSD.org>'; # Name of the author
my $name = __FILE__; # Our scriptname.
my $MAJOR = '2'; # Our major version
my $MINOR = '0'; # Our minor version
my $PATCHLEVEL = 'a2'; # Our patchlevel
my $version = "$MAJOR.$MINOR.$PATCHLEVEL"; # Our version.
###########################################################################
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
# Do not edit anything below this line unless you know what you are doing.
# !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
###########################################################################
###########################################################################
# Prototypes, specify upfront what we are going to use if globally needed
# and prototype arrays, hashes and functions.
###########################################################################
# create the option hash, we will use that later to add our option flags.
my %option = ();
# Template our arrays
my (@MIRRORS);
# Template some standard variables
my ($CONFIGFILE, $status, $reporthost, $timestamp,$target,
$enable_mail, $cfg, $cfg_out, $outfile, $alert_max,
$alert_min, $alert_mid, $mail_from, $mail_bcc, $mail_cc);
# Prototype functions
sub fetch_data ($$);
sub email_report ($$$);
sub convert_input ($);
sub process_mirrors (@);
sub create_timestamp ($);
###########################################################################
# Script itself
###########################################################################
getopts("cC:f:F:hpR:tv", \%option);
my $config_flag = 1 if $option{f};
my $config_option = $option{f};
my $create_flag = 1 if $option{c};
my $help_flag = 1 if $option{h};
my $process_flag = 1 if $option{p};
my $test_flag = 1 if $option{t};
my $convert_flag = 1 if $option{C};
my $fetch_flag = 1 if $option{F};
my $retrieve_flag = 1 if $option{R};
# Simply assign the contents of the configuration parameter to the
# configuration file variable, otherwise overrule it with the
# default value
$CONFIGFILE = $config_option || "./honeynet.cf";
# Read in current configuration.
# This should always succeed, in case it doesn't then we cannot do
# anything at all.
$cfg = new Config::Simple($CONFIGFILE);
#####
##### Global variable assignment after reading config
#####
# Read in some variales upfront, so that we can more
# easily use them later on.
@MIRRORS = $cfg->param('CONFIG.mirrors');
$outfile = $cfg->param('CONFIG.outfile');
$enable_mail = $cfg->param('CONFIG.enable_mail');
$alert_max = $cfg->param('CONFIG.alert_max');
$alert_mid = $cfg->param('CONFIG.alert_mid');
$alert_min = $cfg->param('CONFIG.alert_min');
$mail_from = $cfg->param('CONFIG.fromaddr');
$mail_bcc = $cfg->param('CONFIG.ccaddr');
$mail_cc = $cfg->param('CONFIG.mirroradmin');
if (-e "$outfile")
{
# Read in the statistics from our last run
$cfg_out = new Config::Simple($outfile);
# Make an instant backup before we do a new run.
$cfg_out->write("$outfile.orig");
}
else
{
# Create the statistics file for our entire run
$cfg_out = new Config::Simple(syntax=>'ini');
}
# Make sure that there us a version statement in the configuration file, so that we can see whether we are
# compabible or not.
if (!$cfg->param('CONFIG.version'))
{
print "It appears that you do not have a version statement in your configuration file. This means that the version you are using now is
too old, make sure that you obtain the latest one and update that to your needs.";
exit(1);
}
if ($cfg->param('CONFIG.version'))
{
my($version_def_major,$version_def_minor) = $cfg->param('CONFIG.version') =~ /(\d+)\.(\d+)/;
# the script can defer between MAJOR and MINOR releases; bugfixes aka patchlevels are
# not affected by this and can thus be ignored.
# TODO: This check should be made more flexible in the future, version 1.4 and 1.5 share
# the same configuration file and should both pass.
if(($version_def_major lt $MAJOR) or ($version_def_minor lt $MINOR))
{
print "You appear to be using an older configuration file that might not be compatible with the current version of the
script, please validate that you have the latest options included and copy over the version statement from the latest available configuration
file. Make sure that the old version statement is overwritten!
The current script runs on version: $version, while the configuration is for version $cfg->param('CONFIG.version')\n";
exit(1);
}
}
# Create a new timestamp that will be fed into the mirrors, which we can use to test the
# age of the mirror.
if ($create_flag) {
create_timestamp($cfg->param('CONFIG.probefile'));
}
elsif ($process_flag) {
# Process the mirrors using the hash we have for them.
process_mirrors(@MIRRORS);
}
# test mode, printout information on screen.
elsif($test_flag)
{
# In test mode we dont send out emails.
$enable_mail = 0;
print("$name: Starting\n");
print("$name: Processing mirrors\n");
# Process the mirrors using the hash we have for them.
process_mirrors(@MIRRORS);
print("$name: Finishing\n");
}
# convert input from unixtime to human readable time.
elsif($convert_flag)
{
print "$option{C} resolves to " . convert_input($option{C}) . "\n";
}
# fetch the mirrorprobe file from the given host
elsif($fetch_flag)
{
my $result = fetch_data($option{F}, $cfg->param('CONFIG.sourcefile'));
open(OUT, "> $cfg->param('CONFIG.outdir')/$option{F}.timestamp");
print OUT $result;
close(OUT);
}
# Fetch the mirror timestamp and parse it. Print the output back on the screen.
elsif($retrieve_flag)
{
my $result = fetch_data($option{R}, $cfg->param('CONFIG.sourcefile'));
print("$option{R} was last modified " . convert_input($result) . "\n");
}
# People expect a help option, provide it for them.
elsif ($help_flag)
{
print_help();
}
# No valid options had been given, fallback to the help information.
else
{
print_help();
}
# print_help: expects no input, just prints the help information on how
# the application should work.
sub print_help
{
print("Usage:\t$name [ -c ] [ -C <value> ] [ -f <configurationfile> ] [ -F <host> ] [ -h ] [ -p ] [ -R <host> ] [ -t ]
\t-c\tCreate the timestamp for the localmachine. This timestamp can be used to determine when the mirror was last updated.
\t-C\t<value> converts the unix timestamp to human readable format
\t-f\t<filename> Use the specified configuration file
\t-F\t<host> fetch the timestamp for an external host, for example: www.honeynet.nl
\t-h\tprint this help.
\t-p\tCheck the status of the mirrors, and report the output to us
\t-t\tTest mode, does not send out emails, but prints the information on the screen.
Version: $version
Originally written by Remko Lodder <remko\@FreeBSD.org, for the honeynet project.\n");
}
# create_timestamp: expects a variable filled with where we should store
# the unixtime (for remote mirrors).
sub create_timestamp ($)
{
my $probefile = shift;
open(F_OUT, "> $probefile");
print F_OUT "Mirrorprobe time: " . time() . "
Local time: " . convert_input(time());
close F_OUT;
}
# convert_input: expects unixtime and converts it to human readable time.
sub convert_input ($)
{
my $output = scalar localtime(shift);
return $output;
}
# fetch_data: gets two variables as input, one with the fqdn of the remote host and one
# with the location of where we expect the remote file. XXX: This looks a bit ugly at the
# moment.
sub fetch_data ($$)
{
my $source = shift;
my $sourcefile = shift;
my $return_data = ();
my $data = get("http://$source$sourcefile");
# IF the remote data is present, take out the numberic time value and return that
# ELSE obscure the data, which will revert to 1969/1970 (depending on what the machine
# considers EPOCH).
if ($data)
{
chomp $data;
$return_data = $data;
$return_data =~ s/\n/\ /;
if ($return_data =~ /\S+ \S+ (\d+) \S+/)
{
$return_data = $1;
}
return $return_data;
}
else
{
$data = 0;
return $data;
}
}
# proccess_mirrors: gets an array as input with all the mirrors in it. It will walk through all hosts
# and do specific actions with them, like printing out a report, or emailing it to the remote
# administrator. It keeps a record of the current statustime.
sub process_mirrors (@) {
my %mirror_time;
my @mirror_list = @_;
for my $target(@mirror_list)
{
$mirror_time{$target} = fetch_data($target,$cfg->param('CONFIG.sourcefile'));
# We should probably dont need to use this since it is implied in the routine itself.
if(!$mirror_time{$target})
{
$mirror_time{$target} = 0;
}
# declare our local time before continueing.
my $honeynet_ctime = time();
my $mirror_ctime = $mirror_time{$target};
my $mirror_difftime = $honeynet_ctime - $mirror_time{$target};
# If the resulting number is less then zero, the remote host is outdated.
my $mirror_timediff = $cfg->param('CONFIG.timeout') - $mirror_difftime;
# Everything that has a calculated time which is bigger then the timeout is
# on the right track, everything that isn't, gets either notified or the
# output will be present on screen.
if ($mirror_timediff gt "0")
{
if($cfg->param('CONFIG.verbose') ne "0")
{
$status = "OK";
$timestamp = scalar localtime($mirror_time{$target});
$reporthost = $target;
write; # Write out our template.
}
next;
}
else
{
my $info = $cfg_out->param("mirrors.$target");
if (defined $info && $info gt 0)
{
if ($info eq $alert_max || $info eq $alert_mid || $info eq $alert_min)
{
# The email option is enabled and we found an outdated mirror
# jump to the email_report function.
if($enable_mail)
{
email_report($target,$mirror_time{$target},$info);
}
}
# Update our local statistics first before anything else
$cfg_out->param("mirrors.$target", $info+1);
$cfg_out->param("checktime.$target", scalar localtime($mirror_time{$target}));
}
else
{
# The email option is enabled and we found an outdated mirror
# jump to the email_report function.
if ($enable_mail)
{
email_report($target,$mirror_time{$target}, $alert_min);
}
# Begin our statistics with 1.
$cfg_out->param("mirrors.$target", 1);
$cfg_out->param("checktime.$target", scalar localtime($mirror_time{$target}));
}
if($cfg->param('CONFIG.verbose') ne "0")
{
$status = "FAIL";
$timestamp = scalar localtime($mirror_time{$target});
# Only override if the message has the old timestamp and thus is broken.
if($timestamp =~ /19[6-7]\d/)
{
$timestamp = "Mirrorprobe file problems!";
}
$reporthost = $target;
write; # Write out our template.
}
}
}
# Specify how our output is going to look like. This generates a nice overview
# on the current status of the various mirrors. This is only being used if we
# print verbose.
# Below: HEADER
format STDOUT_TOP =
----------------------------------------------------------------------------
--------------------------- Honeynet Check results -------------------------
----------------------------------------------------------------------------
Status Site Last changed
.
# Format specifier for the content of the printout.
format STDOUT =
@<<<< @<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<<< @<<<<<<<<<<<<<<<<<<<<<<<<<<
$status, $reporthost, $timestamp
.
}
# email_report: expects a target and a mirror_time, sends out an email to
# the desired administrator and informs them about the current status of
# the mirror.
sub email_report ($$$)
{
my $status = ();
my $alert_msg = ();
my $target = shift;
my $mirror_time = shift;
my $alert = shift;
my $recipient = $cfg->param("MIRRORS.$target") || $mail_cc;
# Make the mirror time a human parseable time, if this matches the beginning of time
# (For computers at least). Tell that there is a problem.
$mirror_time = scalar localtime($mirror_time);
if ($mirror_time =~ /19[6-7]\d/)
{
$status = "Your mirror seems to have troubles fetching the mirrorprobe file.";
}
else
{
$status = "At this moment it seems that your mirror was last updated on $mirror_time.";
}
if ($alert eq $alert_max)
{
$alert_msg = "NOTE WELL: This is the final warning you will be receiving. Please repair the mirror as soon as possible. In the meantime we will remove your mirror.";
}
else
{
$alert_msg = "NOTE WELL: This is alert number $alert for your host. Please be advised that our current maximum is at $alert_max.\n";
}
my $message = "Hello $recipient,
You are recieving this email because your Honeynet Project mirror ($target) seems to be outdated.
$status
Could you please check whether everything is working as expected?
If there is something wrong or you do no longer wish to be a mirror, please notify $mail_cc
Thanks for supporting the Honeynet Project!
If you have questions or concerts, please do not hesitate to contact us!
$alert_msg
--
The Honeynet Project Mirror Admins";
# Fill our mailhash with information that we are going to send.
my %mail = (
To => "$recipient",
From => "$mail_from",
Bcc => "$mail_bcc",
# only addresses are extracted from Bcc, real names disregarded
Cc => "$mail_cc",
# Cc will appear in the header. (Bcc will not)
Subject => "$target seems to be outdated, please investigate",
'X-Mailer' => "$name $version using Mail::Sendmail version $Mail::Sendmail::VERSION",
message => "$message",
);
# Add an additional header so that we can show that this is our thing.
$mail{'Honeynet.org : '} = "http://www.honeynet.org";
# Send out the mail, if succesfull print that we did OK else
# give error.
if (sendmail %mail)
{
print "Mail alert sent OK.\n";
}
else
{
print "Error sending mail: $Mail::Sendmail::error \n"
}
}
# And as a final action make sure we write out our configuration file.
# Temporary to write out the exact config to our statistics file, later we will use this to write
# down our run-time statistics into a "peristent" file.
$cfg_out->write($outfile);
# End of the script.

Tagged with: development • honeynet.pl • Perl

BSDA

On June 4, 2008, In Weblog, by Remko

During BSDCan I took the liberty to see what BSDA is all about. It's a real good certification in my eyes to get you up and running with the BSD's, not very difficult (or at least not for me), but attractive enough for people that need papers to show and to have a goal for studying. All the basics are in there and a couple of more advanced questions as well (security related for example).

I got mine with 83%, goodluck for others that are also persuing this

Evilcoder.org