Commit e3ac80ca authored by ueli heuer's avatar ueli heuer

Update README.md

parent d96e6a57
mod\_honeypot for Apache 2.4
1.0 Scope
=========
This document describes the function, installation and configuration of
the mod\_honeypot loadable module for Apache 2.4.
......@@ -15,11 +16,13 @@ IPv4
addresses. IPv6 requests will \'walk through\' the module
2.0 Function
============
mod\_honeypot checks the originating IPv4 addresses of incoming requests
against the Project Honeypot DNSBL reference list.
3.0 Requirements
================
This section describes requirements for the host system and the user
doing the installation.
......@@ -47,6 +50,7 @@ Experience with building and installing Apache 2 loadable modules is
desirable.
4.0 Function
============
This section describes the overall functioning of the module and gives
an abbreviated description of how it operates.
......@@ -95,6 +99,7 @@ When a request is received, the module proceeds as follows:
\"Your IP address is on the Project Honeypot offender list.\"
5.0 Installation
================
This section describes how to compile and install mod\_honeypot.
......@@ -211,37 +216,21 @@ definitions.
\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\--
00000001 Log URI when blocked
00000002 Log cache turnovers
00000004 Report trace/debug flag bits
00000008 Report offenders under level threshold
00000010 Report offenders over age threshold
00000080 hp\_check\_ipv4\_cache entry
00000100 search cache
00000800 hp\_add\_ipv4\_cache entry
00001000 insert address
00200000 honeypot\_handler entry
00400000 request method processing
00800000 IPv4 cache processing
01000000 DNSBL lookup
02000000 visitor type processing
04000000 threat level processing
08000000 threat age processing
10000000 add IP to accept/reject cache
Use of the execution trace options can result in very large server logs
......@@ -310,9 +299,7 @@ Suspicious, Harvester, Comment Spammer.
\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\-\--
0x0001 Suspicious
0x0002 Harvester
0x0004 Comment Spammer
When a request is from an IP with a visitor type, if the visitor type
......@@ -321,6 +308,7 @@ accepted. The visitor type is octet 4 of the DNSBL response. Consult the
Project Honeypot API for specific information about this octet.
7.0 Error Messages
==================
This section describes ordinary error messages which may be logged by
the module.
......@@ -391,6 +379,7 @@ The local resource URI is logged only if the TC\_LOGDEBUG directive is
used and bit 0x1 is set.
8.0 Exceptions
==============
This section describes potential problems.
......@@ -459,11 +448,13 @@ required to get that rate, linear search probably has an effect as noted
above. Your mileage will vary.
9.0 Problem Reports and Feature Requests
========================================
Direct problem reports and feature requests through the following email:
ueli-honypot ( a t ) heuer \[ dot \] org
10.0 Credits
============
The port for apache 2.4 wouldn\'t exist without the work of
http://www.miim.com/software/linux/modhoneypot.html
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment