head	1.4;
access;
symbols
	RELEASE_8_3_0:1.4
	RELEASE_9_0_0:1.4
	RELEASE_7_4_0:1.3
	RELEASE_8_2_0:1.3
	RELEASE_6_EOL:1.3
	RELEASE_8_1_0:1.3
	RELEASE_7_3_0:1.3
	RELEASE_8_0_0:1.3
	RELEASE_7_2_0:1.3
	RELEASE_7_1_0:1.3
	RELEASE_6_4_0:1.3
	RELEASE_5_EOL:1.3
	RELEASE_7_0_0:1.3
	RELEASE_6_3_0:1.3
	PRE_XORG_7:1.3
	RELEASE_4_EOL:1.3
	RELEASE_6_2_0:1.3
	RELEASE_6_1_0:1.3
	RELEASE_5_5_0:1.3
	RELEASE_6_0_0:1.2
	RELEASE_5_4_0:1.2
	RELEASE_4_11_0:1.2
	RELEASE_5_3_0:1.2
	RELEASE_4_10_0:1.2
	RELEASE_5_2_1:1.2
	RELEASE_5_2_0:1.2
	RELEASE_4_9_0:1.1;
locks; strict;
comment	@# @;


1.4
date	2011.10.24.09.10.46;	author dougb;	state Exp;
branches;
next	1.3;

1.3
date	2005.11.25.06.02.45;	author linimon;	state Exp;
branches;
next	1.2;

1.2
date	2003.10.14.12.31.30;	author daichi;	state Exp;
branches;
next	1.1;

1.1
date	2003.08.28.09.21.14;	author edwin;	state Exp;
branches;
next	;


desc
@@


1.4
log
@The vast majority of pkg-descr files had the following format when they
had both lines:

Author: ...
WWW: ....

So standardize on that, and move them to the end of the file when necessary.

Also fix some more whitespace, and remove more "signature tags" of varying
forms, like -- name, etc.

s/AUTHOR/Author/

A few other various formatting issues
@
text
@Scan Apache log files for CodeRed, Nimda, FormMail, proxy scanners and
other malicious probes. For each one found, track down the contact email
from WHOIS data and send a notice. Built-in rate controls prevent flooding
an admin even when his machines are scanning at high rates. Runs as a
non-privileged cron job to not interfere with the HTTP daemon's operation.

WWW: http://www.cs.cmu.edu/~dpelleg/hunch.html
@


1.3
log
@Chase URLs per distfile survey.
@
text
@a7 4

-- Dan Pelleg

daniel+hunch@@pelleg.org
@


1.2
log
@update security/hunch: 1.1 -> 1.1.1

PR:		57917
Submitted by:	Dan Pelleg <daniel+hunch@@pelleg.org> (maintainer)
@
text
@d7 1
a7 1
WWW: http://web.cs.cmu.edu/~dpelleg/hunch.html
@


1.1
log
@New port: hunch - Scan httpd log files, find vulnerability probes,
mail admins

	Scan Apache log files for CodeRed, Nimda, FormMail, proxy
	scanners and other malicious probes. For each one found,
	track down the contact email from WHOIS data and send a
	notice. Built-in rate controls prevent flooding an admin
	even when his machines are scanning at high rates. Runs as
	a non-privileged cron job to not interfere with the HTTP
	daemon's operation.

	Notes to committer:
	 1. This port installs a user and a group "hunch". It doesn't
	 meet the conditions listed in the handbook for a "reserved"
	 uid/gid.
	 2. portlint will complain about the port. A lot. To the
	 best of my judgment all of the warnings can be ignored
	 with the exception of the one about BATCH which I could
	 find no documentation for. Therefore it is setting
	 IS_INTERACTIVE.

PR:		ports/44836
Submitted by:	Dan Pelleg <daniel+hunch@@pelleg.org>
@
text
@d7 2
@

