aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorjadawin <jadawin@FreeBSD.org>2008-06-06 03:40:32 +0800
committerjadawin <jadawin@FreeBSD.org>2008-06-06 03:40:32 +0800
commitbdc275c6fc5cc8554090bcb029a631002defb52c (patch)
tree5b02b768b41f2b5ed52a5a627aac6fd780ba0479
parent60da5d0f42b5fe79ba61eaf240752892d5a8b876 (diff)
downloadfreebsd-ports-gnome-bdc275c6fc5cc8554090bcb029a631002defb52c.tar.gz
freebsd-ports-gnome-bdc275c6fc5cc8554090bcb029a631002defb52c.tar.zst
freebsd-ports-gnome-bdc275c6fc5cc8554090bcb029a631002defb52c.zip
SpyBye is a tool to help web masters determine if their web pages
are hosting browser exploits that can infect visiting users with malware. It functions as an HTTP proxy server and intercepts all browser requests. SpyBye uses a few simple rules to determine if embedded links on your web page are harmlesss, unknown or maybe even dangerous. SpyBye analyzes all downloads in the background and provides you with a warning notification whenever it encounters content that is potentially malicious. At that point, you can click on the link in the notification and receive a more detailed analysis of the web page. WWW: http://www.spybye.org/ PR: ports/123945 Submitted by: Paul Schmel <pauls utdallas.edu> Approved by: tabthorpe (mentor)
-rw-r--r--security/Makefile1
-rw-r--r--security/spybye/Makefile34
-rw-r--r--security/spybye/distinfo3
-rw-r--r--security/spybye/files/spybye.sh.in37
-rw-r--r--security/spybye/pkg-descr13
-rw-r--r--security/spybye/pkg-plist5
6 files changed, 93 insertions, 0 deletions
diff --git a/security/Makefile b/security/Makefile
index 8f94e5a061fd..e74d89e72621 100644
--- a/security/Makefile
+++ b/security/Makefile
@@ -721,6 +721,7 @@
SUBDIR += snortsms
SUBDIR += snortsnarf
SUBDIR += spike-proxy
+ SUBDIR += spybye
SUBDIR += sqlmap
SUBDIR += sqlninja
SUBDIR += squidclam
diff --git a/security/spybye/Makefile b/security/spybye/Makefile
new file mode 100644
index 000000000000..91c4830fbe00
--- /dev/null
+++ b/security/spybye/Makefile
@@ -0,0 +1,34 @@
+# New ports collection makefile for: spybye
+# Date created: 23 May 2008
+# Whom: pauls
+#
+# $FreeBSD$
+#
+
+PORTNAME= spybye
+PORTVERSION= 0.3
+CATEGORIES= security www
+MASTER_SITES= http://www.monkey.org/~provos/
+
+MAINTAINER= pauls@utdallas.edu
+COMMENT= A web proxy to detect malware
+
+BUILD_DEPENDS= event_rpcgen.py:${PORTSDIR}/devel/libevent
+
+OPTIONS= CLAMAV "Enable CLAMAV support" off
+
+USE_RC_SUBR= spybye.sh
+GNU_CONFIGURE= yes
+CONFIGURE_ENV= LDFLAGS="${LDFLAGS}"
+CONFIGURE_TARGET= --build=${MACHINE_ARCH}-portbld-freebsd${OSREL}
+
+MAN1= spybye.1
+
+.include <bsd.port.pre.mk>
+
+.if defined(WITH_CLAMAV)
+LIB_DEPENDS+= clamav:${PORTSDIR}/security/clamav
+CONFIGURE_ARGS+= --with-libclamav=${PREFIX}/bin
+.endif
+
+.include <bsd.port.post.mk>
diff --git a/security/spybye/distinfo b/security/spybye/distinfo
new file mode 100644
index 000000000000..1e9a72270c89
--- /dev/null
+++ b/security/spybye/distinfo
@@ -0,0 +1,3 @@
+MD5 (spybye-0.3.tar.gz) = 1cc6b8c5ef244e38fd05d02b02f55d5d
+SHA256 (spybye-0.3.tar.gz) = 00dd7df03c9a37e80854fa27e44eeaaa4a8c49fa3b0597b5e3b1b2a128669432
+SIZE (spybye-0.3.tar.gz) = 160014
diff --git a/security/spybye/files/spybye.sh.in b/security/spybye/files/spybye.sh.in
new file mode 100644
index 000000000000..12e6cd9d007e
--- /dev/null
+++ b/security/spybye/files/spybye.sh.in
@@ -0,0 +1,37 @@
+#!/bin/sh
+#
+
+# PROVIDE: spybye
+# REQUIRE: DAEMON
+# BEFORE: LOGIN
+# KEYWORD: shutdown
+
+# Add the following lines to /etc/rc.conf to enable spybye:
+# spybye_enable (bool): Set to YES to enable spybye
+# Default: NO
+# spybye_flags (str): Extra flags passed to spybye
+# Default: -x -p 8080 -l /var/log/spybye.log
+#
+# spybye command arguments
+# spybye: [-P] [-p port] [-g good] [-b bad] [-l logfile] [-S shareurl] [-x]
+# -P disable private IP check; allows the proxy to fetch 127/8
+# -p port port number to create proxy server on
+# -g good_patterns a file or url containing the good patterns
+# -b bad_patterns a file or url containing the danger patterns
+# -l logfile a file to log dangerous site interactions to
+# -S shareurl host to log dangerous site interactions to
+# -x enable proxy mode
+
+. %%RC_SUBR%%
+
+name="spybye"
+load_rc_config ${name}
+rcvar=`set_rcvar`
+# set the defaults
+: ${spybye_enable="NO"}
+: ${spybye_flags="-x -p 8080 -l /var/log/spybye.log"}
+
+command=%%PREFIX%%/bin/${name}
+command_args="${spybye_flags} &"
+
+run_rc_command "$1"
diff --git a/security/spybye/pkg-descr b/security/spybye/pkg-descr
new file mode 100644
index 000000000000..cdc434d193dc
--- /dev/null
+++ b/security/spybye/pkg-descr
@@ -0,0 +1,13 @@
+SpyBye is a tool to help web masters determine if their web pages
+are hosting browser exploits that can infect visiting users with
+malware. It functions as an HTTP proxy server and intercepts all
+browser requests. SpyBye uses a few simple rules to determine if
+embedded links on your web page are harmlesss, unknown or maybe
+even dangerous.
+
+SpyBye analyzes all downloads in the background and provides you
+with a warning notification whenever it encounters content that
+is potentially malicious. At that point, you can click on the link
+in the notification and receive a more detailed analysis of the web page.
+
+WWW: http://www.spybye.org/
diff --git a/security/spybye/pkg-plist b/security/spybye/pkg-plist
new file mode 100644
index 000000000000..b88fd581a705
--- /dev/null
+++ b/security/spybye/pkg-plist
@@ -0,0 +1,5 @@
+bin/spybye
+bin/spybye2html
+share/spybye/bad_patterns
+share/spybye/good_patterns
+@dirrm share/spybye