Documentation
BANDWIDTH VALVE:  V1.0

System Requirements

  • Works on all operating systems
  • Apache web server
  • Access logs
  • .htaccess ability
  • Telnet access
  • Perl 5
  • Crontab recommended

Installation

Preliminaries

  • Determine the path to PERL 5 on your web server host.  Note that some web hosting companies run both PERL 4 and PERL 5.  Make ABSOLUTELY sure you are not setting this up under PERL 4.  Ask your administrator if you are not sure.
  • DOWNLOAD the tarfile for this program and save it to your desktop.
  • Unpack the tar archive on your desktop using a program that unpacks UNIX TAR ARCHIVES. If you don't have such a program then download WINZIP FREE from SHAREWARE.COM
  • After you have unpacked the TAR archive you will have a collection of folders and files on your desktop.  Now you have to do some basic editing of each of these files (or at least some of them).  Use a text editor such as wordpad, notepad, BBEdit, simpletext, or teachtext to edit the files.  These are NOT WORD PROCESSOR DOCUMENTS they are just simple TEXT files so don't save them as word processor documents or save them with extentions such as .txt or they will NOT WORK.   Note that there may be a some files inside of folders which are "blank".   This is normal.

Preparing the CGI scripts

Define Path To PERL 5

The first step is to open up each and every file that has a .cgi extention and edit line number one of each script.  Each of the cgi scripts is written in perl 5. For your scripts to run they must know where perl 5 is installed on your web server. The path to perl 5 is defined to a cgi script in the first line of the file. In each of the cgi scripts the first line of code looks something like this:

#!/usr/bin/perl

If the path to perl 5 on your web server is different from /usr/bin/perl you must edit the first line of each cgi script to reflect the correct path. If the path to perl 5 is the same no changes are necessary. If you do not know the path to perl 5 ask the webmaster or system administrator at your server site.  

Configure the .cgi files

configure the following variables located inside of whois.cgi (see the user configuration area)

  • $logfile = "/path/to/accesslog"; path to your access log
  • $threshold = 10000000; max bandwidth per user before kicking in BYTES
  • $suspended = "/path/to/suspended"; path to suspended file
  • $passwordfile = "/path/to/member/passwords"; path to passwords file

Upload the files and set permissions

Create a directory inside your cgi-bin called whois and upload all of the files into this directory.  Set the permissions for valve.cgi to 755 and the permissions for the rest of the files to 777.

Running the software

The software should ideally be set to run from crontab perhaps once per hour.  You can also run the script by telnet command line using

perl valve.cgi

The script will scan the log file looking for excessive failed login attempts from the same username.  If the number of failed logins is greater than the threshold value the username/password of the attacker will be added to the "suspended" file and removed from your "passwords" file.