#!/usr/bin/perl
#
# fakeboReport 0.1
# Rob Szarka <panic@szarka.org>
# sends notification of BO attempt
#
# expects IP address of attacker ($kiddie) on command line
$sysadmin = "abuse\@downcity.net";
#
$kiddie = $ARGV[0] || die "No IP specified";
chomp ($kiddie);
#
open (MAIL, "|/usr/lib/sendmail -t $sysadmin") || die "Can't mail $sysadmin";
print MAIL "From: <root\@your.system>\nTo: <$sysadmin>\nSubject: BO
Attempt\n\n";
print MAIL "Back Orifice connection attempted from $kiddie\n\n";
$nslookup = `nslookup $kiddie`;
print MAIL "$nslookup\n\n";
$traceroute = `traceroute $kiddie`;
print MAIL "$traceroute\n\n";
$log = `tail /var/log/fakebo.log`;
print MAIL "$log\n\n";
close (MAIL);