Xortify PHP Sentry Honepotx - The UK Mirror Service

grapeafterthoughtSoftware and s/w Development

Dec 14, 2013 (4 years and 18 days ago)

90 views

Xortify


Sentry Honeypot




2013

SOURCEFORGE


BLOG FOR GUEST BLOG

SIMON ROBERTS

CHRONOLABS COOPERATI
VE

|

10/466 Illawarra Rd, Marrickville, NSW, 2204


Xortify
PHP
Sentry Honepot!

By Simon Roberts


Contents

What is a Honeypot?

................................
................................
................................
...............................

2

Features for XOOPS Xortify Client

................................
................................
................................
.......

4

What's new in Series 4.xx

................................
................................
................................
.......................

4

Sponsors:

................................
................................
................................
................................
.................

4

Honeypot Project Lin
ks:

................................
................................
................................
..........................

5

Contribute Plugins and Code Samples

................................
................................
................................

5

Documentation and Resources

................................
................................
................................
...........

5

Is it Ready?

................................
................................
................................
................................
..............

5

A bit about Xort
ify!

................................
................................
................................
.............................

5

Making Xortify for some other than XOOPS

................................
................................
...........................

6





Xortify is a network security drone that uses Web 2.0 techniques to link between your XOOPS and in
the future when the plugins are written other platforms like drupal, joomla, cakePHP, Zend and
Other sorts of portals and CMS’s. I
nstalls via a Server Cloud
-

this will prevent security intrusions to
your xoops and other portal with accurate deceptive notation of the intruder and prevent any
farmed attacks. It is an accessory and required Protector to be installed an running to be pa
rt of the
hookup. Otherwise it will run without protector just make sure you deselect protector as a provider.

It will display a template if you are banned and is an accessory to protector or any other firewall
technology. The site itself is driven from ht
tp://xortify.labs.coop and mirrored at
http://www.xortify.com .. Cloud computing is web 2.0/3.0 stuff it used a SOAP or JSON, XML or
Serialisation to exchange on the API backend to work, this will eventually be included in xoops as a
support class.

A cloud

computing process is one which staggers multiple networks sometime and mainly unknown
to the webmaster into a network or cloud of data. In this example it is IP and Netaddy names to
control access lists.

This will prevent predators from exposing your netw
ork to lag and other attacks from link farming,
often this means many portals/frameworks are attacked in occasions which is all the time caught by
protector, this way if an attack is in process across a large spectrum of links, your site will down itself
t
o your sourced attack even if it is discovered on a completely unaffiliated site that is link farmed to
yours or on a XOOPS User list.

Xortify is a cloud solution to protectors Bad IPs, if someone attempts to hack your site and becomes
a bad IP it will the
n send the IP to the Ban Cloud on Xortify.com and its paired cloud
Xortify.chronolabs.coop. It will also poll the server to make sure it has the latest ban list so your
website will be aware of malusers before they attack through farming IP from services l
ike Google or
bing.

Xortify client 4.xx for XOOPS is finally bug free as an example, there was a lasting reminder of how it
can be quiet frustrating developing software, especially cloud solutions with so many variables to
hone to make sure the system is w
orking, you should enjoy this version and any future releases for
XOOPS 2.7, but as it stands I can't find anymore situations, warnings, notices or WSOD with this
copy.

What is a Honeypot?

A Honeypot is a system that acts as a sentry to prevent malicious a
ttacks to Usernames and
passwords as well as things like Websites harvesting. There is publically three honeypots on the web
which Xortify.com is one of them which also in it structure communicates with the Honeypots
http://www.stopforumspam.com

as well as
http://projecthoneypot.org
.

Both of these honeypots do separate things but we are the only one of the 3 able to offer trainable
spam/ham heuristics and scanning of con
tent, these other two like SFS concentrates on Spam Signup
and content/threads posting. And PHP as a honeypot, concentrates more on a whitelist of crawlers
as well as.

The Xortify Honeypot allows you to take a 3 month ban out on an IPv4, IPv6, username, em
ail
address or combination of any of these, where it will be moved from the active bans once it is 3
months old. There is also a trainable SPAM Checking API Call, which you can examine out
documentation more.



Features for XOOPS Xortify Client



Cloud Serve
r List Propogation
-

Floating cloud



Cache Maintenance Cleanup



Better Ban List



Better XOOPS 2.5 Module Class GUI



Greater Ban Diagnostics



CURL Resolution Timeout



Fault Locking/Delay



Performance Extras


fixed



Cron Job State and Timing



Pre PHP 5.2
Compatibility



My IP Information Anti Ban Prevention



Provider Plugins



Admin Usage Log



Protector Module Provider



Project Honeypot Provider



Stop Forum Spam Provider



Spider Module Provider



XML Polling Protocol



Serialisation API Protocol



JSON API Protocol



SOAP
API Protocol



Anti Spamming with User Signupl



Anti Harvesting



Serialisation API Protocol

What's new in Series 4.xx

The old features of Xortify will remain; the 3 month honey
-
pot ban as well as other details. We will
be adding a system similar to a virus sca
nner but for spam; this will work like the heuristic system
much like a virus scanner, when an Editor Object, Text Area or DHTML XOOPS Form object passes
data to your portal
-

Xortify will pick this up in the preloader system of XOOPS and check the content

via the cloud for traits of SPAM.

Although the cloud services are not finished yet for this; the components' of it has been written into
the client so you will be right to install XOOPS Xortify Client for XOOPS 2.5 or XOOPS 2.6 and be well
knowing that wi
thin a number of weeks, you system will be checking for SPAM heuristics.

There is a few new functions on the API these include:

1.

spoofcomment


Production of a trick comment box

2.

spoofregistration


Production of a trick registration form

3.

spoofthread



Production of a trick thread form

4.

training


For sending ham/spam for training the API.

Sponsors:

1.

Arck Interactive


Cloud Hosting on Arck Cloud


http://arckcloud.com

2.

Chronolabs Cooperative


Programming


https://web.labs.coop

Honeypot Project Links:



Xortify Social Center


Facebook

-

http://facebook.com/xortify/
.



Xortify Project Dashboard


Source Forge

-

https://sourceforge.net/projects/xortify/
.



Xortify Support Tickets


Source Forge

-

https://sourceforge.net/p/xortify/tickets/
.



Xortify Wiki


Sourc
e Forge

-

https://sourceforge.net/p/xortify/wiki/Home/
.



Xortify Discussion Forums


Source Forge

-

https://sourceforge.net/p/xortify/discussion/
.

Contribute Plugins and Code Samples

Please keep adding to our archives here at chronolabs co
-
op if you have a
file or link you would like
to add to CMS Supporting API Plugins or Modules then contact us through the main contact for a
quote or question form on http://web.labs.coop.

Documentation and Resources



PHP Library
-

http://xortify.com/client/standalone/docs/h
tml/



Cloud Service
-

http://xortify.com/docs/html



XOOPS 2.5
-

http://xortify.com/client/xoops/2.5/docs/html



XOOPS 2.6
-

http://xortify.com/client/xoops/2.6/docs/html

Is it Ready?

Yes; the Xortify client for XOOPS 2.5 and XOOPS 2.6 is ready for download and

installation,
remember to put all the files across including the patches for erroneous code in protector; otherwise
you will get a WSOD; also don't forget once you have installed to fill out the signup form; you can re
-
use the username between sites or ha
ve one individually for each it is up to you!

A bit about Xortify!

Xortify was developed in response to attacks on websites from rouge malicious bots, spam and
captcha sweatshop, spam slavery as well as other forms of abuse of our clients systems. We have
been able to stop close to 99% of spam and captcha attacks with the Xortify client. Believe it or not
Xoritfy is also in response to human rights abuse on the web, such as captcha and spam sweat shops
where individuals are paid less than 1 USD a day to set

up accounts for bots to spam website by
typing past captcha puzzles as well as sometimes they are even slaves.

Originally Xortify started out as a demo of the API X
-
JSON, X
-
CURL and X
-
SOAP for XOOPS 2 series
and became a revolution in security for the XOO
PS Platform. XOOPS comes with an application
called Protector which prevents hacks and attacks to users of XOOPS and maintains a local ban list.
This ban list is known as a bad IP that is an IP Address which has attacked by trying to cause for
example a DO
S (Denial of Service/F5 Attack), ingested unions and other forms of attack which
protector by GIJOE from PEAK XOOPS
-

Support Experiment

in japan works on to prevent mal
-
users
and would be hackers from exploiting the people that love xoops and other platfo
rms. Xortify will
syndicate your BadIP list with other peoples using Xortify so this cloud of protection forms in your
system.

Xortify is an application or process which first started as a
practical

application to cloud computing
for the XOOPS Community which shares protectors bad IPs with a contingent of end users of the
Xortify application and one you have signed up ensures that members share their bad ips in IPv4 or
IPv6 for the host or proxy with

each other so that we are protected from
each other’s

website
forensically with protector. Here at http://xortify.com the main Node in the Xortify Cloud we host
the current Bad IP List for the community so your website with the Xortify client running is p
re
-
aware of a bad user and announces to them on all pages that they are banned unless the ban is
cleared with one of our forms.

To be a contributor to the Xortify cloud you will need a username and password which you can sign
up for in the software, you on
ly need really one username and password per websi
te or even per
webmaster, it
really up

to you. We also contribute to Stop Forum Spam as well as using Project
Honeypot as a resource and are
receiving

their ban list as well. A ban is kept for 3 months then

automatically removed from the system to ensure
truancy

is in check we also only list a ban really
only once not multiple times, sometimes a ban is listed twice when it is causing multiple intrusions
on the network but this is a rarity.

Anyone can join Xo
rtify and you don't need to use xortify's software to maintain, or put additional
bans on the framework. If you happen to be a webmaster then you are welcome to view our API
Documentation to see how we can
integrate

with your environment. We offer wGET
, CURL and
SOAP api for you use. All you need is a username!!

Making Xortify for some other than XOOPS

If you are thinking about contributing to Xortify for things other than XOOPS, you may need to clone
into the module/application/plugin the other sentry
tool that maintains the local banning; the
module protector 3.51.

Currently Xortify gets its ban list from the blacklist stored by this module, it means you will have to
build into your application interface for say Xortify for Drupal, the protector module

as well as the
Xortify Client.

Protector 3.5x prevents DoS attacks, SQL Injects etc. You will be able to follow the code to work out
what is included and what isn’t mainly the pre and post checks for the common file as index in the
perloader for it. If yo
u have any questions you can ask a project admin!