Source Forge Project]
This Perl script/library is a 'replacement' for cgi scripts with
known significant security holes, such as phf and nph-test.
It attempts to gather as much information as possible from
the probing site while mimicking the behavior of the script
it replaces (without actually giving out any useful information).
An extensible framework is provided for adding faked cgi
scripts and information gatherers.
Watch.Cgi version 2 is a total re-write of Watch.Cgi version 1,
which was developed by the
The San Diego Supercomputer Center.
Watch version 2 was developed by Devin Kowatch <devink at
webengruven dot org> on his
Watch.Cgi versions 2 and above are licensed under the GNU GPL.
View the latest README
file, which contains some notes on installing and a brief description.
Included in the release is information the Watch.Cgi design, and a sample
Watch.Cgi is now hosted at SourceForge.net. Check out the
main project page
The first public release is 2.1.0. Version 2.0.0 was a private release
that was installed only at SDSC.
You can download watch.Cgi releases
There is a public CVS repository available. Go
for directions on how to access it. Or you can browse it
is a mailing list for general discussion of using
Watch.cgi. This is also where I'll be posting announcements. If this
project ever gains enough users or developers to warrent it, then other
lists will be created for more specific discussion.