Squidefender is a perl-based tool that analyses and decodes a squid log file to detect potential security breaches.
One of the strengths of Squidefender is its flexible configuration options, which allow you to easily add new attacks to be scanned for. Additionally, this software offers the ability to use different message templates based on the attack found. This feature can help you to better categorize and respond to different types of attacks.
In order to make upgrading Squidefender easier, this software requires its own directory. Specifically, this helps you to keep message templates in a single place, and makes it simpler to install updates by allowing you to replace individual modules with new and improved versions.
To install Squidefender, simply download the squidefender.tar.gz archive and ensure that both the Mail::Sender and Net::DNS modules are installed via CPAN. After this, extract the archive to the location of your choice, edit the squidefender.conf file to suit your needs (you can use the included basic file as a starting point), and then create a timestamp file using the included "make timestamp" command. Finally, add Squidefender to your crontab file and you're all set!
This recent release of Squidefender includes several new enhancements and bug fixes, including a lockfile to prevent multiple versions from running at once, the ability to automatically unblock hosts after a specified period of time, and the implementation of rate control to limit the number of complaints sent to an ISP regarding the same IP address.
Version 1.3: N/A