ConfigServer Community Forum

Peer support forums for ConfigServer Scripts
https://mail.forum.configserver.com/

REQUEST: The ability to use Honeypot with CSF LFD

https://mail.forum.configserver.com/viewtopic.php?t=4712

Page 1 of 1

REQUEST: The ability to use Honeypot with CSF LFD

Posted: 07 Aug 2011, 18:13
by mvmdata
I am able to use the Joomla extension sh404sef to block ips from project honeypot from viewing my sights by using a simple API key from the honeypot, so I believe this would be a relatively easy add-on to hook up csf & lfd to the project as well. That way I could secure my whole server from the known hacking hot spots and overly permissive ISP's.

Not sure if it is ok to post this...so any mods feel free to remove it, but I'd like to know any me too people out there as well as any other coders that would like to help with this as I do have a budget (albeit a small one so maybe we could pool some me too money)...I use direct admin on my servers so if a plugin for that to then communicate with csf lfd would be an acceptable solution, but not preferred.

Re: REQUEST: The ability to use Honeypot with CSF LFD

Posted: 09 Aug 2011, 17:08
by i0n
What exactly do you want the plugin to do? Can honeypot execute shell code?

Re: REQUEST: The ability to use Honeypot with CSF LFD

Posted: 09 Aug 2011, 17:17
by mvmdata
I'd like to get the list of bad ip's from project honeypot and add them to my firewall. As far as I know you would just execute the shell code on the server running csf lfd and it would make calls to update the list from the honeypot and add them to the firewall, it would of course have to include the free honeypot key. Check out their site's about us page, it's pretty cool...

Re: REQUEST: The ability to use Honeypot with CSF LFD

Posted: 29 Aug 2011, 10:12
by chirpy
You would have to process their RSS feed yourself and place a list of IP's in a text file and then use the GLOBAL_DENY feature in csf.

Re: REQUEST: The ability to use Honeypot with CSF LFD

Posted: 26 Jun 2012, 23:03
by sparkling
Just wondering if anybody has made any progress on automating the honeypot project list into csf. Their RSS feeds only seem to work if you are logged into their web site:

http://www.projecthoneypot.org/list_of_ips.php?rss=1

So, you can't use something like Yahoo Pipes to manipulate the feed into a text file and then just call it via csf...would have been simple.

I'd love to use their feed as a csf drop list, but unsure how to get the data in an automated way. They want people to use http:BL, an Apache module that does a look up on the IP in real time via a DNS query.

But I'd rather put these IP's in the firewall and be done with it.

Anybody with ideas on this one?

Thanks!
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited