Instalando e configurando o AIDE em 15 minutos
Publicado por Marcos Pitanga 17/05/2005
[ Hits: 11.267 ]
Homepage: hpc.edools.com
Este script automatiza todo o processo de instalacao do IDS filesystem AIDE - Advanced Intrusion Detection Environment -
#!/bin/sh # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2, or (at your option) # any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # by: Marcos Pitanga <pitanga@domain.com.br> # Wed Sep 1 21:00:19 BRT 2005 inicial() { clear echo -e "********************************************************************************" echo -e "** Este script facilita o procedimento de instalacao do filesystem check AIDE **" echo -e "** Advanced Intrusion Detection Environment **" echo -e "** By Marcos Pitanga **" echo -e "********************************************************************************" sleep 5 } declare_vars() { AIDE_DIR="/usr/local/aide_fontes" MAKE="`which make`" MKDIR="`which mkdir`" SED="`which sed`" TAR="`which tar`" COPY="`which cp`" WGET="`which wget`" CONFIG="./configure" # Crio o diretorio para os fontes if [ ! -d $AIDE_DIR ]; then mkdir -p $AIDE_DIR fi } downloads() { echo "Baixando os pacotes. Espere um pouquinho." echo "[ Baixando os pacotes para a instalacao ]" >> /var/log/downloads_sources cd $AIDE_DIR if [ ! -e mhash-0.9.1.tar.gz ]; then $WGET http://belnet.dl.sourceforge.net/sourceforge/mhash/mhash-0.9.1.tar.gz >> /var/log/downloads_sources 2>&1 fi if [ ! -e aide-0.10.tar.gz ]; then $WGET http://voxel.dl.sourceforge.net/sourceforge/aide/aide-0.10.tar.gz >> /var/log/downloads_sources 2>&1 fi cd $AIDE_DIR echo "[ Fim do download dos pacotes ]" >> /var/log/downloads_sources } instala_mhash() { echo "Instalando a biblioteca mhash." echo "[ Instalando $package_name ]" >> /var/log/mhash_source mhash_source=$package_name mhash_dir=`echo $mhash_source | sed s/\.tar\.gz//` $TAR -xzf $mhash_source >> /var/log/mhash_source 2>&1 cd $mhash_dir >> /var/log/mhash_source 2>&1 $CONFIG --enable-static=yes $MAKE >> /var/log/mhash_source 2>&1 $MAKE check 2>> /var/log/mhash_source 2>&1 $MAKE install 2>> /var/log/mhash_source 2>&1 cd $AIDE_DIR >> /var/log/mhash_source 2>&1 echo "[ terminei a biblioteca mhash ]" >> /var/log/mhash_source } instala_aide() { echo "Instalando o AIDE." echo "[ Instalando $package_name ]" >> /var/log/aide_source aide_source=$package_name aide_dir=`echo $aide_source | sed s/\.tar\.gz//` $TAR -xzf $aide_source >> /var/log/aide_source 2>&1 cd $aide_dir >> /var/log/aide_source 2>&1 $CONFIG --sysconfdir=/usr/local $MAKE >> /var/log/aide_source 2>&1 $MAKE install >> /var/log/aide_source 2>&1 cd $AIDE_DIR >> /var/log/aide_source 2>&1 echo "[ Fim da instalacao do AIDE ]" >> /var/log/aide_source } cria_arquivo() { echo -e " # # Copyright (c) 2000 SuSE, Germany. # # Author: Matthias Eckermann, SuSE Linux Solutions AG # # /etc/aide.conf # database=file:/var/aide/aide.db database_out=file:/var/aide/aide.db.new verbose=20 #verbose=5 report_url=stdout All=R+a+sha1+rmd160+tiger Norm=s+n+b+md5+sha1+rmd160+tiger # Whether to gzip the output to database # gzip_dbout=no #report_url=stdout #other possibilities #report_url=stderr #NOT IMPLEMENTED report_url=mailto:root@foo.com #report_url=file:/tmp/some_file.txt #NOT IMPLEMENTED report_url=syslog:LOG_AUTH report_url=stdout #p: permissions #i: inode #n: number of links #u: user #g: group #s: size #b: block count #m: mtime #a: atime #c: ctime #S: check for growing size #md5: md5 checksum #sha1: sha1 checksum #rmd160: rmd160 checksum #tiger: tiger checksum #R: p+i+n+u+g+s+m+c+md5 #L: p+i+n+u+g #E: Empty group #>: Growing logfile p+u+g+i+n+S #The following are available if you have mhash support enabled. #haval: haval checksum #gost: gost checksum #crc32: crc32 checksum # Definicao da Regra #All=R+a+b All=R+b # ignore_list is a special rule definition # the attributes listed in it are not displayed in the # final report # Attributes that can be used to verify that aide in intact # by people that have downloaded it from the web. # Let's be paranoid Norm=s+n+b+md5+sha1+rmd160+tiger # # nao faca nestes diretorios # !/dev !/tmp !/proc !/usr/src !/.*~ !/.*RCS !/.*CVS !/.*aide\.db.* !/.*\.cvsignore.* !/etc/X11 !/etc/pcmcia !/var/log/messages !/var/log/mail !/var/log/lastlog !/var/log/wtmp !/var/log/sendmail.st !/var/spool/mail # # Faca no restante dos arquivos # #/ R / All" >>/etc/aide.conf } fim_instalacao() { echo "Pacotes instalados. veja install_log para maior detalhes." } inicial declare_vars downloads package_name=`ls mhash-0.9.1.tar.gz` instala_mhash package_name=`ls aide-0.10.tar.gz` instala_aide cria_arquivo fim_instalacao
Script Firewall - Regras do Iptables
Ferramenta para o CBQ - parte 1
Backup diário das bases do MySQL
Nenhum comentário foi encontrado.
Compartilhando a tela do Computador no Celular via Deskreen
Como Configurar um Túnel SSH Reverso para Acessar Sua Máquina Local a Partir de uma Máquina Remota
Configuração para desligamento automatizado de Computadores em um Ambiente Comercial
Como renomear arquivos de letras maiúsculas para minúsculas
Imprimindo no formato livreto no Linux
Vim - incrementando números em substituição
Efeito "livro" em arquivos PDF
Como resolver o erro no CUPS: Unable to get list of printer drivers
SysAdmin ou DevOps: Qual curso inicial pra essa área? (2)
É cada coisa que me aparece! - não é só 3% (3)
Melhorando a precisão de valores flutuantes em python[AJUDA] (5)
[Python] Automação de scan de vulnerabilidades
[Python] Script para analise de superficie de ataque
[Shell Script] Novo script para redimensionar, rotacionar, converter e espelhar arquivos de imagem
[Shell Script] Iniciador de DOOM (DSDA-DOOM, Doom Retro ou Woof!)
[Shell Script] Script para adicionar bordas às imagens de uma pasta