Documentation
PASSWORD NAZI:  V3.0


System Requirements

  • Apache Style Server Logs
  • Perl 5
  • Crontab
  • Sendmail

Preliminaries

  • Determine the path to PERL 5 on your web server host.  Note that some web hosting companies run both PERL 4 and PERL 5.  Make ABSOLUTELY sure you are not setting this up under PERL 4.  Ask your administrator if you are not sure.
  • Download the tarfile for this program and save it to your desktop.
  • Unpack the tar archive on your desktop using a program that unpacks UNIX TAR ARCHIVES. If you don't have such a program then download WINZIP FREE from SHAREWARE.COM
  • After you have unpacked the TAR archive you will have a collection of folders and files on your desktop.  Now you have to do some basic editing of each of these files (or at least some of them).  Use a text editor such as wordpad, notepad, BBEdit, simpletext, or teachtext to edit the files.  These are NOT WORD PROCESSOR DOCUMENTS they are just simple TEXT files so don't save them as word processor documents or save them with extentions such as .txt or they will NOT WORK.   Note that there may be a some files inside of folders which are "blank".   This is normal.

Preparing the CGI scripts

Define Path To PERL 5

The first step is to open up each and every file that has a .cgi extention and edit line number one of each script.  Each of the cgi scripts is written in perl 5. For your scripts to run they must know where perl 5 is installed on your web server. The path to perl 5 is defined to a cgi script in the first line of the file. In each of the cgi scripts the first line of code looks something like this:

#!/usr/bin/perl

If the path to perl 5 on your web server is different from /usr/bin/perl you must edit the first line of each cgi script to reflect the correct path. If the path to perl 5 is the same no changes are necessary. If you do not know the path to perl 5 ask the webmaster or system administrator at your server site.  

Configure the .cgi files

nazi.cgi

This is the entire cgi.  There a few variables to edit, all of which should be pretty straightforward.

  • $logfile = path to your server ACCESS logs
  • $passwordfile = path to your PASSWORD file
  • $suspendfile = path to the SUSPENDED file
  • $sendmail = path to SENDMAIL
  • $admin = your email address (MUST INCLUDE BACKSLASH BEFORE THE @ SYMBOL)
  • $threshold = number of unique logins you will allow before kicking a user

If you are using Password Nazi with internet billing PROCESSOR you will use the internet billingnazi.cgi file in place of nazi.cgi and you will find two additional variables to edit inside

  • $userdatabase = "/path/to/cgi-bin/mastergate/database";
  • $internet billing logfile = "/path/to/cgi-bin/mastergate/log";

Upload Your Edited CGI and Database Files

  • Upload all of the cgi files (.cgi) into your cgi-bin
  • Upload suspended (blank text file) also into your cgi-bin

File Access Permissions

File access permissions must be set correctly for this program to run.  You must set the access permissions for each of these files.  Set nazi.cgi to 755.   Set suspended to 777

Start the Scanning

Set your crontab facility to execute nazi.cgi however you desire (once per day is advised).  You should also have your logs rotating daily so its not scanning logins for over a 24 hour period.

Note about unique logins

You should know that some network providers which use proxy servers (eg:  AOL) appear to send high numbers of unique logins.   This actually is an artifact of the network structure.  You should use a threshold value around 50 to start with.  A traded password will show THOUSANDS of unique logins, whereas a proxy server only 30-70 usually. 

Thus, my advice is set the threshold value high enough NOT to kick out valid users but LO enough to kick out OBVIOUS password traders and hackers.  Around 50 works pretty good.