shell 入侵检测与邮件告警

shell 入侵检测与邮件告警

#!/bin/bash
webdir=/var/www/html
cd $webdir
#方法1 MD5sum校验
#md5sum /var/www/html/index.html >/opt/webfile.db
md5sum -c --quiet /opt/webfile.db
if [ $? -eq 0 ]; then
        echo "web file is ok"
else
        echo ""
        #mail -s "web file is change!" wg01@163.com
fi
##方法2 web目录下文件数是否有变动

#!/bin/bash
web_dir="/usr/share/nginx/html"
cd ${web_dir}
#这是网站初始文件内容
[ -f /opt/count_db.sec ] || find . -type f > /opt/count_db.sec
#这是当前网站文件内容
if [ -e /opt/count_db ]; then
        echo "/opt/count_db 存在"
        rm -rf /opt/count_db
        find . -type f > /opt/count_db
else
        find . -type f > /opt/count_db
fi
diff  /opt/count_db /opt/count_db.sec > /dev/null
if [ $? -eq 0 ]; then
        echo "网站的文件数没有发生改变"
else
        echo "网站的文件数发生了改变"
fi