Installing and configuring AIDE in 15 minutes
Published by Marcos Pitanga on 17/05/2005
Homepage: hpc.edools.com
This script automates the entire installation of AIDE (Advanced Intrusion Detection Environment), a file-system integrity IDS.
#!/bin/sh
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# by: Marcos Pitanga <pitanga@domain.com.br>
# Wed Sep 1 21:00:19 BRT 2005

# Print the banner (plain echo: no escape sequences are needed, and
# "echo -e" is not portable under /bin/sh).
inicial()
{
    clear
    echo "********************************************************************************"
    echo "** Este script facilita o procedimento de instalacao do filesystem check AIDE **"
    echo "**                  Advanced Intrusion Detection Environment                  **"
    echo "**                             By Marcos Pitanga                              **"
    echo "********************************************************************************"
    sleep 5
}

# Locate the tools used below and create the source directory.
declare_vars()
{
    AIDE_DIR="/usr/local/aide_fontes"
    MAKE="`which make`"
    MKDIR="`which mkdir`"
    SED="`which sed`"
    TAR="`which tar`"
    COPY="`which cp`"
    WGET="`which wget`"
    CONFIG="./configure"

    # Create the directory for the sources
    if [ ! -d "$AIDE_DIR" ]; then
        mkdir -p "$AIDE_DIR"
    fi
}

# Fetch the mhash and AIDE tarballs unless they are already present.
# Note: both are fetched over plain HTTP and are not verified before
# being built and installed as root.
downloads()
{
    echo "Baixando os pacotes. Espere um pouquinho."
    echo "[ Baixando os pacotes para a instalacao ]" >> /var/log/downloads_sources
    cd "$AIDE_DIR" || exit 1
    if [ ! -e mhash-0.9.1.tar.gz ]; then
        $WGET http://belnet.dl.sourceforge.net/sourceforge/mhash/mhash-0.9.1.tar.gz >> /var/log/downloads_sources 2>&1
    fi
    if [ ! -e aide-0.10.tar.gz ]; then
        $WGET http://voxel.dl.sourceforge.net/sourceforge/aide/aide-0.10.tar.gz >> /var/log/downloads_sources 2>&1
    fi
    cd "$AIDE_DIR" || exit 1
    echo "[ Fim do download dos pacotes ]" >> /var/log/downloads_sources
}

# Build and install the mhash library (expects $package_name to be set).
instala_mhash()
{
    echo "Instalando a biblioteca mhash."
    echo "[ Instalando $package_name ]" >> /var/log/mhash_source
    mhash_source=$package_name
    mhash_dir=`echo "$mhash_source" | sed 's/\.tar\.gz$//'`
    $TAR -xzf "$mhash_source" >> /var/log/mhash_source 2>&1
    cd "$mhash_dir" >> /var/log/mhash_source 2>&1 || exit 1
    $CONFIG --enable-static=yes
    $MAKE >> /var/log/mhash_source 2>&1
    # stdout and stderr both go to the log ("2>> file 2>&1" logged nothing)
    $MAKE check >> /var/log/mhash_source 2>&1
    $MAKE install >> /var/log/mhash_source 2>&1
    cd "$AIDE_DIR" >> /var/log/mhash_source 2>&1 || exit 1
    echo "[ terminei a biblioteca mhash ]" >> /var/log/mhash_source
}

# Build and install AIDE (expects $package_name to be set).
instala_aide()
{
    echo "Instalando o AIDE."
    echo "[ Instalando $package_name ]" >> /var/log/aide_source
    aide_source=$package_name
    aide_dir=`echo "$aide_source" | sed 's/\.tar\.gz$//'`
    $TAR -xzf "$aide_source" >> /var/log/aide_source 2>&1
    cd "$aide_dir" >> /var/log/aide_source 2>&1 || exit 1
    $CONFIG --sysconfdir=/usr/local
    $MAKE >> /var/log/aide_source 2>&1
    $MAKE install >> /var/log/aide_source 2>&1
    cd "$AIDE_DIR" >> /var/log/aide_source 2>&1 || exit 1
    echo "[ Fim da instalacao do AIDE ]" >> /var/log/aide_source
}

# Append the AIDE configuration to /etc/aide.conf.
# The build above uses --sysconfdir=/usr/local while this file is written
# to /etc, so run aide with --config=/etc/aide.conf.
# A quoted here-document keeps the regex backslashes intact.
cria_arquivo()
{
    cat >> /etc/aide.conf <<'EOF'

#
# Copyright (c) 2000 SuSE, Germany.
#
# Author: Matthias Eckermann, SuSE Linux Solutions AG
#
# /etc/aide.conf
#
database=file:/var/aide/aide.db
database_out=file:/var/aide/aide.db.new
verbose=20
#verbose=5
report_url=stdout
All=R+a+sha1+rmd160+tiger
Norm=s+n+b+md5+sha1+rmd160+tiger
# Whether to gzip the output to database
# gzip_dbout=no
#report_url=stdout
#other possibilities
#report_url=stderr
#NOT IMPLEMENTED report_url=mailto:root@foo.com
#report_url=file:/tmp/some_file.txt
#NOT IMPLEMENTED report_url=syslog:LOG_AUTH
report_url=stdout
#p: permissions
#i: inode
#n: number of links
#u: user
#g: group
#s: size
#b: block count
#m: mtime
#a: atime
#c: ctime
#S: check for growing size
#md5: md5 checksum
#sha1: sha1 checksum
#rmd160: rmd160 checksum
#tiger: tiger checksum
#R: p+i+n+u+g+s+m+c+md5
#L: p+i+n+u+g
#E: Empty group
#>: Growing logfile p+u+g+i+n+S
#The following are available if you have mhash support enabled.
#haval: haval checksum
#gost: gost checksum
#crc32: crc32 checksum
# Rule definition
#All=R+a+b
All=R+b
# ignore_list is a special rule definition
# the attributes listed in it are not displayed in the
# final report
# Attributes that can be used to verify that aide is intact
# by people that have downloaded it from the web.
# Let's be paranoid
Norm=s+n+b+md5+sha1+rmd160+tiger
#
# do not check these directories
#
!/dev
!/tmp
!/proc
!/usr/src
!/.*~
!/.*RCS
!/.*CVS
!/.*aide\.db.*
!/.*\.cvsignore.*
!/etc/X11
!/etc/pcmcia
!/var/log/messages
!/var/log/mail
!/var/log/lastlog
!/var/log/wtmp
!/var/log/sendmail.st
!/var/spool/mail
#
# check everything else
#
#/ R
/ All
EOF
}

# Final message. The logs written by this script are
# /var/log/downloads_sources, /var/log/mhash_source and /var/log/aide_source.
fim_instalacao()
{
    echo "Pacotes instalados. veja install_log para maior detalhes."
}

inicial
declare_vars
downloads
package_name=`ls mhash-0.9.1.tar.gz`
instala_mhash
package_name=`ls aide-0.10.tar.gz`
instala_aide
cria_arquivo
fim_instalacao
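
The `!` lines in the aide.conf written by the script above are regular expressions, and AIDE's documentation describes them as anchored only at the start of the path, so `!/dev` also skips a path such as `/development`. The following added example (not part of the original script) audits a list of paths against those rules; the function names are hypothetical and `grep -E` is an approximation of AIDE's matcher.

```shell
# Added example: approximates AIDE's handling of "!" selection lines. AIDE
# anchors each regex at the start of the path only (implicit ^), so a rule
# is a prefix match. Assumption: grep -E stands in for AIDE's regex engine.
# Negative rules from the aide.conf above, without the leading "!":
AIDE_EXCLUDES='/dev
/tmp
/proc
/usr/src
/.*~
/.*RCS
/.*CVS
/.*aide\.db.*
/.*\.cvsignore.*
/etc/X11
/etc/pcmcia
/var/log/messages
/var/log/mail
/var/log/lastlog
/var/log/wtmp
/var/log/sendmail.st
/var/spool/mail'

# excluding_rule PATH: print the first rule that excludes PATH (status 0);
# status 1 means PATH is left to the "/ All" rule.
excluding_rule() {
    while IFS= read -r _rule; do
        if printf '%s\n' "$1" | grep -Eq -- "^${_rule}"; then
            printf '!%s\n' "$_rule"
            return 0
        fi
    done <<EOF
$AIDE_EXCLUDES
EOF
    return 1
}

# audit_paths: read paths on stdin and report which ones AIDE would skip.
audit_paths() {
    while IFS= read -r _p; do
        if _r=$(excluding_rule "$_p"); then
            printf 'NOT MONITORED  %s  (rule %s)\n' "$_p" "$_r"
        else
            printf 'monitored      %s\n' "$_p"
        fi
    done
}

# Constructed sample paths; two are skipped only because of prefix matching.
printf '%s\n' /tmp/scratch /development/app.conf /var/log/maillog /etc/passwd | audit_paths
```

A path reported as NOT MONITORED that should be covered points to a rule worth tightening, for instance by ending it with `/` or `$`.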