diff options
Diffstat (limited to 'security')
| -rw-r--r-- | security/rid/Makefile | 34 | ||||
| -rw-r--r-- | security/rid/distinfo | 1 | ||||
| -rw-r--r-- | security/rid/files/patch-Makefile | 11 | ||||
| -rw-r--r-- | security/rid/files/patch-parser.l | 8 | ||||
| -rw-r--r-- | security/rid/pkg-comment | 1 | ||||
| -rw-r--r-- | security/rid/pkg-descr | 12 | ||||
| -rw-r--r-- | security/rid/pkg-plist | 3 |
7 files changed, 70 insertions, 0 deletions
diff --git a/security/rid/Makefile b/security/rid/Makefile new file mode 100644 index 000000000000..d80be02afc82 --- /dev/null +++ b/security/rid/Makefile @@ -0,0 +1,34 @@ +# ex:ts=8 +# Ports collection makefile for: ddos_scan +# Version required: 1.6 +# Date created: Sun Feb 12, 2000 +# Whom: David O'Brien (obrien@NUXI.com) +# +# $FreeBSD$ +# + +DISTNAME= rid-1_0 +PKGNAME= rid-1.0 +CATEGORIES= security +MASTER_SITES= http://packetstorm.securify.com/distributed/ \ + ftp://ftp.ntua.gr/pub/security/technotronic/denial/ +EXTRACT_SUFX= .tgz + +MAINTAINER= obrien@FreeBSD.org + +WRKSRC= ${WRKDIR}/${PKGNAME} +ALL_TARGET= rid + +pre-configure: + @${PERL} -pi -e 's:config.txt:${PREFIX}/etc/rid.conf:g' \ + ${WRKSRC}/config.h + +do-install: + @${INSTALL_PROGRAM} ${WRKSRC}/rid ${PREFIX}/sbin + @${INSTALL_DATA} ${WRKSRC}/config.txt ${PREFIX}/etc/rid.conf +.if !defined(NOPORTDOCS) + @${MKDIR} ${PREFIX}/share/doc/rid + @${INSTALL_MAN} ${WRKSRC}/README ${PREFIX}/share/doc/rid +.endif + +.include <bsd.port.mk> diff --git a/security/rid/distinfo b/security/rid/distinfo new file mode 100644 index 000000000000..0c4cf2f8e097 --- /dev/null +++ b/security/rid/distinfo @@ -0,0 +1 @@ +MD5 (rid-1_0.tgz) = e954c79898465597d0da783738460554 diff --git a/security/rid/files/patch-Makefile b/security/rid/files/patch-Makefile new file mode 100644 index 000000000000..3403d9a62d28 --- /dev/null +++ b/security/rid/files/patch-Makefile @@ -0,0 +1,11 @@ +--- Makefile.orig Tue Feb 8 18:23:08 2000 ++++ Makefile Sun Feb 13 18:32:40 2000 +@@ -1,6 +1,6 @@ + +-CC=gcc +-LIBS=-lsocket -lnsl -lpcap -ll -ly ++#CC=gcc ++LIBS=-lpcap + SRCS = sender.c main.c pinger.c y.tab.c lex.yy.c listen.c + OBJS = sender.o main.o pinger.o y.tab.o lex.yy.o listen.o + CFLAGS=-g diff --git a/security/rid/files/patch-parser.l b/security/rid/files/patch-parser.l new file mode 100644 index 000000000000..4b89a6c774b5 --- /dev/null +++ b/security/rid/files/patch-parser.l @@ -0,0 +1,8 @@ +--- parser.l.orig Fri Jan 28 11:37:32 2000 ++++ parser.l Sun Feb 13 18:32:00 2000 +@@ -1,4 +1,5 @@ + %{ ++#include <sys/types.h> + #include <stdio.h> + #include <stdlib.h> + #include <strings.h> diff --git a/security/rid/pkg-comment b/security/rid/pkg-comment new file mode 100644 index 000000000000..6ab1a04a5fbb --- /dev/null +++ b/security/rid/pkg-comment @@ -0,0 +1 @@ +Configurable remote distributed denial of service tool detector diff --git a/security/rid/pkg-descr b/security/rid/pkg-descr new file mode 100644 index 000000000000..7621341b0587 --- /dev/null +++ b/security/rid/pkg-descr @@ -0,0 +1,12 @@ +RID - Remote Intrusion Detection +-------------------------------- +RID is a configurable tool which uses intrusion fingerprints to track down +compromised hosts. RID can remotely detect Stacheldraht, TFN, Trinoo and TFN2k +if the attacker did not change the default ports. + +After a compromise, this information can often be turned into a "fingerprint" +of the intrusion. RID is designed to be capable of accurately specifying this +"fingerprint" with little knowledge of network programming. + +RID is based off an extension of ngrep (network grep). It is different because +it extends ngrep into a probing tool. diff --git a/security/rid/pkg-plist b/security/rid/pkg-plist new file mode 100644 index 000000000000..38b5075ac07a --- /dev/null +++ b/security/rid/pkg-plist @@ -0,0 +1,3 @@ +sbin/rid +etc/rid.conf +share/doc/rid/README |