------------------------------------------------------------------------------ Week #1: Introduction to kaPoW ------------------------------------------------------------------------------ ------------------------------------------------------------------------------ Week #2-#4: Code walkthrough of relevant kaPoW and kaPoW's guestbook ------------------------------------------------------------------------------ On leela, develop a program that parses its /var/log/httpd/access_log and /var/log/httpd/error_log files of httpd and generates a per-IP address usage metric in a flat file. (i.e. <# of requests> ) Automate the download of the IP address reputation feeds listed in ~/IP_reputation_sources.txt using cron Develop a program, that combines the above per-IP address usage and reputation into a single file that can be searched by IP address similar to that done with Maxmind's GeoIP. On leela, see ~/GeoIP-1.4.6 ------------------------------------------------------------------------------ Week #5: ------------------------------------------------------------------------------ Develop a program that allows one to look up reputation information by IP address ------------------------------------------------------------------------------ Week #6: ------------------------------------------------------------------------------ Develop a web (i.e. perl, PHP, python) script that allows one to dynamically lookup the reputation information of a connecting client ------------------------------------------------------------------------------ Week #7: ------------------------------------------------------------------------------ Modify php_kaPoW guestbook to look up reputations and deliver puzzles based on them. ------------------------------------------------------------------------------ Week #8, #9, #10: ------------------------------------------------------------------------------ Create automated clients to ``attack'' the web scripts Experiments o Manually add clients to blacklist database o Attempt to attack from machines that are blacklisted as well as those that are not