Documentation
PASSWORD NAZI: V3.0
System Requirements
- Apache Style Server Logs
- Perl 5
- Crontab
- Sendmail
Preliminaries
- Determine the path to PERL 5 on your web
server host. Note that some web hosting companies run both PERL 4 and PERL 5.
Make ABSOLUTELY sure you are not setting this up under PERL 4. Ask your
administrator if you are not sure.
- Download the tarfile for this program and
save it to your desktop.
- Unpack the tar archive on your desktop using a
program that unpacks UNIX TAR ARCHIVES. If you don't have such a program then download
WINZIP FREE from SHAREWARE.COM.
- After you have unpacked the TAR archive you
will have a collection of folders and files on your desktop. Now you have to do some
basic editing of each of these files (or at least some of them). Use a text editor
such as wordpad, notepad, BBEdit, simpletext, or teachtext to edit the files. These
are NOT WORD PROCESSOR DOCUMENTS they are just simple TEXT files so don't save them as
word processor documents or save them with extentions such as .txt or they will NOT WORK.
Note that there may be a some files inside of folders which are "blank".
This is normal.
Preparing the CGI scripts
Define Path To PERL 5
The first step is to open up each and every
file that has a .cgi extention and edit line number one of each script. Each of the
cgi scripts is written in perl 5. For your scripts to run they must know where perl 5 is
installed on your web server. The path to perl 5 is defined to a cgi script in the first
line of the file. In each of the cgi scripts the first line of code looks something like
this:
#!/usr/bin/perl
If the path to perl 5 on your web server is
different from /usr/bin/perl you must edit the first line of each cgi script to reflect
the correct path. If the path to perl 5 is the same no changes are necessary. If you do
not know the path to perl 5 ask the webmaster or system administrator at your server site.
Configure the .cgi files
nazi.cgi
This is the entire cgi. There a few
variables to edit, all of which should be pretty straightforward.
- $logfile = path to your server ACCESS logs
$passwordfile = path to your PASSWORD file
$suspendfile = path to the SUSPENDED file
$sendmail = path to SENDMAIL
$admin = your email address (MUST INCLUDE BACKSLASH BEFORE THE @ SYMBOL)
$threshold = number
of unique logins you will allow before kicking a user
If you are using Password Nazi with internet billing PROCESSOR you
will use the internet billingnazi.cgi file in place of nazi.cgi and you will find two
additional variables to edit inside
- $userdatabase =
"/path/to/cgi-bin/mastergate/database";
- $internet billing logfile =
"/path/to/cgi-bin/mastergate/log";
Upload Your Edited CGI and Database Files
- Upload all of the cgi files (.cgi) into your
cgi-bin
- Upload suspended (blank text file) also into
your cgi-bin
File Access Permissions
File access permissions must be set correctly
for this program to run. You must set the access permissions for each of these
files. Set nazi.cgi to 755. Set suspended to 777
Start the Scanning
Set your crontab facility to execute nazi.cgi
however you desire (once per day is advised). You should also have your logs
rotating daily so its not scanning logins for over a 24 hour period.
Note about unique logins
You should know that some network providers
which use proxy servers (eg: AOL) appear to send high numbers of unique logins.
This actually is an artifact of the network structure. You should use a
threshold value around 50 to start with. A traded password will show THOUSANDS of
unique logins, whereas a proxy server only 30-70 usually.
Thus, my advice is set the threshold value
high enough NOT to kick out valid users but LO enough to kick out OBVIOUS password traders
and hackers. Around 50 works pretty good.