Rev 23 | Rev 30 | ||
---|---|---|---|
1 | #!/bin/sh
|
1 | #!/bin/sh
|
2 | 2 | ||
3 | #####################################################################
|
3 | #####################################################################
|
4 | # Script to send an email when chkrootkit test are being performed
|
4 | # Script to send an email when chkrootkit test are being performed
|
5 | #
|
5 | #
|
6 | # This script is distributed in the hope that it will be useful,
|
6 | # This script is distributed in the hope that it will be useful,
|
7 | # but WITHOUT ANY WARRANTY; without even the implied warranty of
|
7 | # but WITHOUT ANY WARRANTY; without even the implied warranty of
|
8 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
8 | # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
9 | # GNU General Public License for more details.
|
9 | # GNU General Public License for more details.
|
10 | # Author: Andrzej Kardaś
|
10 | # Author: Andrzej Kardaś
|
11 | # License: GPLv3
|
11 | # License: GPLv3
|
12 | # The full version of the licencse can be obtainted by visiting:
|
12 | # The full version of the licencse can be obtainted by visiting:
|
13 | # http://www.gnu.org/licenses/gpl.html
|
13 | # http://www.gnu.org/licenses/gpl.html
|
14 | #######################################################################
|
14 | #######################################################################
|
15 | 15 | ||
16 | SERVERNAME=$(hostname) |
16 | SERVERNAME=$(hostname) |
17 | DATE=$(date +"%d.%m.%Y") |
17 | DATE=$(date +"%d.%m.%Y") |
18 | EMAIL=administrator@emai.pl |
18 | EMAIL=administrator@emai.pl |
19 | FILENAME="/var/tmp/fulltest-${DATE}.txt" |
19 | FILENAME="/var/tmp/fulltest-${DATE}.txt" |
20 | 20 | ||
21 | /usr/sbin/chkrootkit 2>&1 > ${FILENAME} |
21 | /usr/sbin/chkrootkit 2>&1 > ${FILENAME} |
22 | 22 | ||
23 | if (cat ${FILENAME} | grep -q "INFECTED\|Vulnerable") then |
- | |
- | 23 | if (cat ${FILENAME} | grep -q "INFECTED\|Vulnerable" | fgrep -v "Checking `bindshell'... INFECTED (PORTS: 465)" ) then |
|
24 | echo "There seems to be a problem!!!!" > /var/tmp/msgfile-${DATE} |
24 | echo "There seems to be a problem!!!!" > /var/tmp/msgfile-${DATE} |
25 | echo "-------------------------------------------------" >> /var/tmp/msgfile-${DATE} |
25 | echo "-------------------------------------------------" >> /var/tmp/msgfile-${DATE} |
26 | cat ${FILENAME} | grep "INFECTED\|Vulnerable" >> /var/tmp/msgfile-${DATE} |
26 | cat ${FILENAME} | grep "INFECTED\|Vulnerable" >> /var/tmp/msgfile-${DATE} |
27 | echo "-------------------------------------------------" >> /var/tmp/msgfile-${DATE} |
27 | echo "-------------------------------------------------" >> /var/tmp/msgfile-${DATE} |
28 | echo "You can see whole test results in attachment file" >> /var/tmp/msgfile-${DATE} |
28 | echo "You can see whole test results in attachment file" >> /var/tmp/msgfile-${DATE} |
29 | else
|
29 | else
|
30 | echo "Your system is not infected" > /var/tmp/msgfile-${DATE} |
30 | echo "Your system is not infected" > /var/tmp/msgfile-${DATE} |
31 | echo "You can see whole test results in attachment file" >> /var/tmp/msgfile-${DATE} |
31 | echo "You can see whole test results in attachment file" >> /var/tmp/msgfile-${DATE} |
32 | fi
|
32 | fi
|
33 | 33 | ||
34 | /usr/bin/mutt -s "${DATE} Weekly chkrootkit from ${SERVERNAME}" ${EMAIL} -a ${FILENAME} < /var/tmp/msgfile-${DATE} |
34 | /usr/bin/mutt -s "${DATE} Weekly chkrootkit from ${SERVERNAME}" ${EMAIL} -a ${FILENAME} < /var/tmp/msgfile-${DATE} |
35 | #
|
35 | #
|
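Review bot: The new condition on line 23 cannot work as written, because the backquote before bindshell sits inside the double-quoted fgrep pattern, so /bin/sh opens a command substitution that is never closed and the `if` fails to parse. Even with the backquote escaped, `grep -q` prints nothing, so `fgrep -v` reads empty input and exits 1, and the script would always mail "Your system is not infected". Filter the known line out first and test what remains, and reuse the filtered result on line 26 so the mail body agrees with the decision. The excluded text must match chkrootkit's output exactly, and it is worth confirming which service listens on port 465 before suppressing the finding.

```sh
# … unchanged: SERVERNAME/DATE/EMAIL/FILENAME and the chkrootkit run …
KNOWN_FP="Checking \`bindshell'... INFECTED (PORTS: 465)"
FINDINGS=$(grep "INFECTED\|Vulnerable" "${FILENAME}" | grep -vF "${KNOWN_FP}")

if [ -n "${FINDINGS}" ]; then
  # … unchanged: header and separator echo lines …
  printf '%s\n' "${FINDINGS}" >> /var/tmp/msgfile-${DATE}
  # … unchanged: rest of the if/else and the mutt call …
```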