Kakashi
Security application for Linux servers
![Gitter(help)](https://badges.gitter.im/Join Chat.svg)
Custom regex matching for CSF
- Temporary IP block
- Could not complete sender verify
- Host lookup did not complete
- Host is ratelimited
- Incorrect authentication data
- Watch http login fail with http status code 401
- Permanant IP block
- On mail server detected a message with a absurd spam score
- CLI Tools
- Enable SpamAssassin auto-deletion
- More
- Using the Lightning Cutter
- Takes up office as the Sixth Hokage
Install (sudo required)
On a server with CSF previously installed:
-
Modify CUSTOM vars in your
/etc/csf/csf.conf
:CUSTOM7_LOG = "/var/log/http/acess_log" #Customize! CUSTOM8_LOG = "/var/log/exim_mainlog"
#Optional but recomended: DENY_IP_LIMIT = "1000"
-
Restart
csf
:csf -r;
-
Get kakashi:
git clone --depth=1 https://github.com/gpupo/kakashi.git ~/kakashi;
-
Put rules:
sudo cp ~/kakashi/regex.custom.pm /etc/csf/regex.custom.pm && sudo service lfd restart;
Note: You can choose to use the more aggressive rules, replacing regex.custom.pm
by regex.sharingan.pm
in the above command.
After install, see logs on /var/log/lfd.log
:
tail -f /var/log/lfd.log | grep kakashi;
- Whitelist (recomended)
Add CSF whitelist IP address ranges (Gmail, Outlook, etc)
sudo ~/kakashi/bin/csf-add-whitelist.sh;
Update:
-
Execute:
cd ~/kakashi/ && git pull;
-
Repeat step 4 (install)
CLI
- Enable SpamAssassin auto-deletion in CPanel from CLI
Contributors
Check CONTRIBUTING.md
License
MIT
build
./bin/build.sh