Installation et sécurisation d'une station Debian 3.0 stable - 15/05/2004
ANNEXE 2. Génération automatisée de rapport système
ANNEXE 2. Génération automatisée de rapport système
#!/bin/sh
#
# Debian-secinst v0.1.2 : ANNEXE 2 - Génération automatisée de rapport système
# Simon Castro
#
### VARIABLES
# Set to 1 to have the finished report mailed as well as written to disk.
OK_TO_MAIL=1

# Report identity: the host name plus a ddmmyy-HHMMSS timestamp.
CURRENT_DATE=$(/bin/date "+%d%m%y-%H%M%S")
REPORT_NAME=$(/bin/hostname)

# Recipient of the mailed report.
MAIL_ADDR="root"

# Where the report is stored.
# NOTE(review): the report holds the process list, open connections and
# security logs; this directory should presumably be writable and readable
# by root only - confirm on the target host.
REPORT_DIR=/home/system/scripts/reports/
REPORT_FILE="${REPORT_DIR}${REPORT_NAME}_${CURRENT_DATE}_report.log"

# Syslog notifications, stored as complete command lines in plain strings.
# The script runs them by expanding the variable unquoted, so the host name
# and the report path inside them are subject to word splitting.
SYSLOGGED_NAME="System"
LOGGER_FILE="/usr/bin/logger -p local7.info -t ${SYSLOGGED_NAME} -i -- ${REPORT_NAME} system report : ${REPORT_FILE}"
LOGGER_MAIL="/usr/bin/logger -p local7.info -t ${SYSLOGGED_NAME} -i -- ${REPORT_NAME} system report : mailing to ${MAIL_ADDR}"

# Report formatting: sed expression that prefixes every line with four spaces.
INDENT_IT='s/\(.*\)/\ \ \ \ \1/g'
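### MAIN
# Tell syslog we are going to run the system report script.
# LOGGER_FILE holds a whole command line, so it is expanded unquoted on purpose.
# shellcheck disable=SC2086
$LOGGER_FILE

# Collect the report values. Every tool is called by absolute path so that the
# result does not depend on the PATH of whoever (or whatever) starts the script.
# Each output is indented by four spaces with the INDENT_IT sed expression.
DISK_SPACE=$(/bin/df -lh | /bin/sed "$INDENT_IT")
PROCESS_LIST=$(/bin/ps aux | /bin/sed "$INDENT_IT")
INTERFACES_LIST=$(/sbin/ifconfig | /bin/sed "$INDENT_IT")
INTERFACES2_LIST=$(/bin/netstat -in | /bin/sed "$INDENT_IT")
ROUTAGE_LIST=$(/bin/netstat -rn | /bin/sed "$INDENT_IT")
CONNECTIONS_LIST=$(/bin/netstat -tunap | /bin/sed "$INDENT_IT")

# Files and directories without a known owner or group, plus regular files
# carrying the setuid (04000) or setgid (02000) bit.
# "ls -d" lists a matching directory itself instead of its contents, and
# /bin/ls is used (rather than a bare "ls") like every other tool here.
# find's own errors (unreadable or vanishing paths) are discarded.
STRANGE_FILES=$(/usr/bin/find / \( -nouser -o -nogroup -o \( -type f \( -perm -004000 -o -perm -002000 \) \) \) -exec /bin/ls -lad {} \; 2> /dev/null | /bin/sed "$INDENT_IT")

# Firewall and security logs are copied into the report in full.
LOG_FW_ACCEPT=$(/bin/sed "$INDENT_IT" /var/log/fw_accept.log)
LOG_FW_DENY=$(/bin/sed "$INDENT_IT" /var/log/fw_deny.log)
# NOTE(review): non-ASCII file name - confirm it matches the name configured
# in syslog and the encoding this script is saved in.
LOG_SECURITE=$(/bin/sed "$INDENT_IT" /var/log/sécurité.log)

# Quota summaries. The first sed script spans two lines on purpose: the
# backslash-newline in the replacement puts a line break before each "***".
QUOTAS_GROUP_LIST=$(/usr/sbin/repquota -gva | /bin/sed 's/\*\*\*/\
\*\*\*/' | /bin/sed "$INDENT_IT")
QUOTAS_USER_LIST=$(/usr/sbin/repquota -uva | /bin/sed 's/\*\*\*/\
\*\*\*/' | /bin/sed "$INDENT_IT")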
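# Create the report.
# The report contains the process list, open connections and security logs,
# so it is created with a restrictive umask (owner read/write only); the
# previous umask is restored afterwards. The umask only affects a file that
# does not exist yet.
# The collected values are expanded once inside the here-document and are not
# evaluated again, so text coming from the log files cannot run as commands.
# The path is quoted so that an unusual host name cannot split it.
REPORT_OLD_UMASK=$(umask)
umask 077
{
/bin/cat <<EOF
Rapport système $REPORT_NAME - $(/bin/date)
Système :
---------
Espace disque :
---------------
$DISK_SPACE
Quotas groupes :
----------------
$QUOTAS_GROUP_LIST
Quotas utilisateurs :
---------------------
$QUOTAS_USER_LIST
Processus :
-----------
$PROCESS_LIST
Réseau :
--------
Interfaces (/sbin/ifconfig) :
-----------------------------
$INTERFACES_LIST
Interfaces (/bin/netstat) :
---------------------------
$INTERFACES2_LIST
Routage :
---------
$ROUTAGE_LIST
Connexions :
------------
$CONNECTIONS_LIST
Test du système :
-----------------
Vérification des permissions fichiers (nouser/nogroup/suid/sgid) :
------------------------------------------------------------------
$STRANGE_FILES
Fichier de log sécurité :
-------------------------
$LOG_SECURITE
Fichier de log des connexions refusées par le firewall :
--------------------------------------------------------
$LOG_FW_DENY
Fichier de log des connexions acceptées par le firewall :
---------------------------------------------------------
$LOG_FW_ACCEPT
done -- - $(/bin/date)
EOF
} > "$REPORT_FILE"
umask "$REPORT_OLD_UMASK"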
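# Mail the report when OK_TO_MAIL is 1.
# "=" is the POSIX string comparison; "==" is an extension that not every
# /bin/sh accepts. The quoted expansion with a default keeps the test valid
# when the variable is empty or unset.
# NOTE(review): if the recipient is aliased to a remote mailbox, the full
# report (processes, connections, logs) leaves the host by mail - confirm
# that this is intended.
if [ "${OK_TO_MAIL:-0}" = 1 ]
then
  # LOGGER_MAIL holds a whole command line, so it is expanded unquoted on purpose.
  # shellcheck disable=SC2086
  $LOGGER_MAIL
  # MAIL_ADDR stays unquoted so that a space-separated list of recipients
  # keeps working; the report is fed on stdin instead of through cat.
  # shellcheck disable=SC2086
  /usr/bin/mail -s "$REPORT_NAME system report" $MAIL_ADDR < "$REPORT_FILE"
fi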
Copyright (c) 2003 Simon Castro, scastro [ at ] entreelibre.com.
Permission is granted to copy, distribute and/or modify this document under the
terms of the GNU Free Documentation License, Version 1.2 or any later version
published by the Free Software Foundation; with the Invariant Sections being
LIST THEIR TITLES, with the Front-Cover Texts being LIST, and with the
Back-Cover Texts being LIST.
You must have received a copy of the license with this document and it should
be present in the fdl.txt file.
If you did not receive this file or if you don't think this fdl.txt license is
correct, have a look at the official http://www.fsf.org/licenses/fdl.txt
license file.