phf prober perl script

# Change Log:
#    19971113 Added HTTP_REFERER for people wanting to zap others - doug
#    19961016 Changed netstat to use IP only speed improvement -n option
#               From:Christopher Ellwood <chris@silicon.net >
#    19961016 Action parsing fixes
#               From:Tom Perrine <tep@SDSC.EDU>
#    19961106 Converted to use perl5 sub procedured most operations 
#    19960926 Added support for builtin finger or safe_finger
#             Added ability to turn off parts of script 
#               (ie finger, ident, fake)
#             Added fake PHF HTML code
#               From:Paul Danckaert <pauld@lemur.org>
#             Added additional return type for fake PHF
#               From:Paul Danckaert <pauld@lemur.org>
#    19960717 Added Ident support and safe_finger support - doug
#    19960715 Created - doug@eng.auburn.edu
#

• Web Server REMOTE_HOST, REMOTE_ADDR
• The QUERY_STRING sent to phf
• Tries to do a safe_finger on the REMOTE_HOST
• Tries to do an ident on the REMOTE_HOST

• ftp.eng.auburn.edu/pub/rayh/security/phf.4(Perl 4 -- older version)
• ftp.eng.auburn.edu/pub/rayh/security/phf.5(Perl 5 -- new fixed version)

• perl 5
• netstat command
• safe_finger (Not required but recommended -- Can use builtin finger)
• fgrep

• WWW-Security FAQ Q33
• WWW-Security FAQ Q66
• WWW-Security FAQ