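#!/bin/bash
#
# do-check.sh - create or verify an MD5 fingerprint DB of key system files.
#
# Usage: run interactively and press C to (re)create the DB or V to verify
# the live files against the most recent DB. sudo rights are required,
# because several monitored files (e.g. /etc/shadow) are root-only.
#
# Files written: ./archive-<hostname>/fileSignature.md5 (the DB, previous
# one kept as fileSignature.md5.BCK) and a copy of every monitored file
# under ./archive-<hostname>/<absolute path>.
#
# Environment:
#   ROOT_DIR  optional prefix for root's shell start-up files. This script
#             never sets it; when it is unset the four dot-files below
#             resolve to /.bash_profile etc. and are normally skipped.
#             NOTE(review): export ROOT_DIR (root's home) to cover them.
#
# Exit status: 1 if the archive directory cannot be created; in verify mode
# the status of `md5sum -c` (non-zero when any file differs or is missing).
#
# NOTE(review): integrity caveats for whoever relies on this DB:
#   - MD5 is not collision-resistant. It is kept here only so existing
#     fileSignature.md5 databases still verify; a stronger digest is
#     preferable for a new deployment.
#   - The DB and the archive live in a directory relative to the current
#     working directory and owned by the invoking user. Anyone able to
#     modify them can make altered system files verify cleanly, so keep a
#     copy on read-only or off-host storage.
#   - The archive holds copies of /etc/shadow and /etc/sudoers; restrict
#     access to the archive directory accordingly.

set -u

ARCHIVE_DIR="./archive-$(hostname)"
FILESIGNATURE="${ARCHIVE_DIR}/fileSignature.md5"

# Monitored files. Glob entries expand here; an unmatched glob stays literal
# and is dropped later by the regular-file test.
WATCHED_FILES=(
  /etc/ssh/ssh_config
  /etc/ssh/sshd_config
  /etc/hosts.deny
  /etc/hosts.allow
  /etc/init.d/functions
  /etc/sysconfig/init
  /etc/sysconfig/sendmail
  /etc/inittab
  /etc/sysctl.conf
  /etc/syslog.conf
  /etc/ftpaccess
  /etc/vsftpd.conf
  /etc/vsftpd/vsftpd.conf
  /etc/fstab
  /etc/security/console.perms
  /etc/security/access.conf
  /etc/passwd
  /etc/shadow
  /etc/ftpusers
  /etc/vsftpd.ftpusers
  /etc/X11/xdm/Xservers
  /etc/X11/gdm/gdm.conf
  /etc/X11/xinit/xserverrc
  /etc/cron.deny
  /etc/at.deny
  /etc/crontab
  /etc/securetty
  /etc/lilo.conf
  /etc/grub.conf
  /etc/exports
  /etc/sudoers
  /etc/init.d/syslog
  /etc/profile
  /etc/csh.login
  /etc/csh.cshrc
  /etc/bashrc
  "${ROOT_DIR:-}/.bash_profile"
  "${ROOT_DIR:-}/.bashrc"
  "${ROOT_DIR:-}/.cshrc"
  "${ROOT_DIR:-}/.tcshrc"
  /etc/security/limits.conf
  /etc/issue
  /etc/motd
  /etc/issue.net
  /etc/X11/xdm/Xresources
  /etc/X11/xdm/kdmrc
  /etc/xinetd.d/*
  /etc/rc.d/*
  /etc/pam.d/*
)

printf 'Checking %s directory...' "$ARCHIVE_DIR"
if [[ ! -d "$ARCHIVE_DIR" ]]; then
  printf '\nCreating %s directory...' "$ARCHIVE_DIR"
  # Exit from the main shell: an `exit` inside ( ... ) would only leave the
  # subshell and the script would carry on without an archive directory.
  if ! /bin/mkdir -p -- "$ARCHIVE_DIR"; then
    printf '\nFailed to create %s, Exiting... \n' "$ARCHIVE_DIR" >&2
    exit 1
  fi
fi
printf '\tDONE\n'

printf '\nThis scrtipt will create fingerprint DB of most essential system files\n'
echo "on this system. In a future, you can verify whether any of them"
echo "have been altered. You will need SUDO rights to run this script."
echo "------------------------------"
echo "Press [C]reate fingerpint DB of system files, or "
echo "Press [V]erify them against most recent DB"

keyenter=''
read -r -n1 -s keyenter

case "$keyenter" in
  C | c)
    printf 'Creating fingerprint DB... '
    # Keep the previous DB as a backup; the new one is built by appending.
    if [[ -f "$FILESIGNATURE" ]]; then
      /bin/mv -f -- "$FILESIGNATURE" "${FILESIGNATURE}.BCK"
    fi
    for file in "${WATCHED_FILES[@]}"; do
      [[ -f "$file" ]] || continue
      # Do not call this variable PATH: assigning PATH would replace the
      # command search path for the rest of the script.
      dest_dir="${ARCHIVE_DIR}$(/usr/bin/dirname -- "$file")"
      [[ -d "$dest_dir" ]] || /bin/mkdir -p -- "$dest_dir"
      /usr/bin/sudo /bin/cp -- "$file" "${ARCHIVE_DIR}${file}"
      /usr/bin/sudo /usr/bin/md5sum -- "$file" >>"$FILESIGNATURE"
    done
    echo "DONE"
    ;;
  V | v)
    printf 'Verifying system files against most recent fingerprint DB...\n\n'
    # Absolute path for sudo, matching the create branch, so the privileged
    # command does not depend on the caller's PATH.
    /usr/bin/sudo /usr/bin/md5sum -cw "$FILESIGNATURE"
    verify_status=$?
    printf '\n... DONE\n'
    # Propagate the result so a mismatch is visible to a calling job.
    exit "$verify_status"
    ;;
  *)
    printf "\nYou've pressed a wrong key: %s ... exiting\n" "$keyenter"
    ;;
esac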