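#!/bin/bash
# This script name is scan_analyse.sh
#
# Daily port-exposure check for one /24 network:
#   1. SYN-scan hosts .1-.254 with nmap and keep, per host, the
#      "Nmap scan report" line plus every "open" port line.
#   2. Compare each host file with the baseline saved by the previous run.
#   3. Mail the differences (new hosts, opened ports, closed ports).
#   4. Promote today's result to be the new baseline.
#
# Requirements: root (nmap -sS uses raw sockets and the work dir is under
# /root), nmap, GNU date/sed/diff and a working mail(1).

# Cron starts with a minimal environment; load the system-wide PATH.
. /etc/profile

# Enabled only after /etc/profile, which is not written with nounset in mind.
set -u

# Without nmap every result file would be empty, the report would say
# "nothing changed" and the baseline would be overwritten with nothing.
if ! command -v nmap >/dev/null 2>&1; then
  echo "nmap not found in PATH; aborting before the baseline is touched" >&2
  exit 1
fi

echo "start time is $(date)"

today=$(date +"%Y-%m-%d")
work_dir="/root/nmap_scan"
now_dir="$work_dir/scan_result/$today"
diff_dir="$work_dir/scan_diff_result/$today"
baseline_dir="$work_dir/scan_source"
report="$diff_dir/result.log"
# More changed/open lines than this for one host is reported as
# "all ports open" instead of being listed line by line.
max_lines=100

# Only the first three octets are used: the prefix length is ignored and
# hosts .1-.254 of that network are always scanned.
IP='1.1.1.0/24'
contact_mail='xx@mail.com'
ip_32=$(printf '%s\n' "$IP" | cut -d . -f 1-3)

# Start from a clean result directory and an empty report for today.
# ${var:?} aborts instead of expanding to an empty path in front of rm -rf.
rm -rf -- "${now_dir:?}"
mkdir -p -- "$now_dir/$ip_32" "$diff_dir" || exit 1
: >"$report" || exit 1

for host in {1..254}; do
  target="$ip_32.$host"
  result_file="$now_dir/$ip_32/$target"
  # -sS SYN scan, -r ports in order, -n no DNS lookups.
  nmap -sS -r -n "$target" \
    | grep -Ev "(Starting|scanned)" \
    | grep -E "(Nmap|open)" >"$result_file"
  # One line means only the report header (no open port); zero lines means
  # nothing matched at all (e.g. the host did not answer). Neither is a
  # finding, and an empty file left behind would be reported as a new host.
  if [ "$(wc -l <"$result_file")" -le 1 ]; then
    rm -f -- "$result_file"
  fi
done
echo "stop time is $(date)"

for b in "$ip_32"; do
  for current in "$now_dir/$b"/*; do
    [ -f "$current" ] || continue # glob matched nothing
    i=${current##*/}
    previous="$baseline_dir/$b/$i"

    if [ ! -f "$previous" ]; then
      # Host has open ports today but no baseline file: report it as new.
      echo "增加新主机 $i,下面是全部信息:" >>"$report"
      if [ "$(wc -l <"$current")" -gt "$max_lines" ]; then
        echo "开启了所有端口,怀疑是有nat或者负载均衡!" >>"$report"
      else
        cat -- "$current" >>"$report"
      fi
      continue
    fi

    # Keep only real change lines. Anchoring on the first column matters:
    # unchanged context lines such as "139/tcp open netbios-ssn" contain a
    # "-" and must not be reported as changes.
    changes=$(diff -u -- "$current" "$previous" \
      | grep -Ev '^(---|\+\+\+) ' \
      | grep -E '^[-+]')
    [ -n "$changes" ] || continue

    if [ "$(printf '%s\n' "$changes" | wc -l)" -gt "$max_lines" ]; then
      head -n 1 -- "$current" >>"$report"
      echo "开启了所有端口,怀疑是有nat或者负载均衡!" >>"$report"
    else
      # Name the host explicitly: diff -u shows only three context lines, so
      # the report header is missing from hunks further down the file.
      head -n 1 -- "$current" \
        | sed -e 's#Nmap scan report for#扫描主机#' >>"$report"
      # "-" lines exist only in today's file (opened); "+" lines exist only
      # in the baseline (closed).
      printf '%s\n' "$changes" \
        | sed -e 's#^+#关闭了 #' -e 's#^-#开启了 #' >>"$report"
    fi
  done
done

subject="【${today}】所有IDC机房差异端口扫描结果"
if [ ! -s "$report" ]; then
  echo "今日一切正常,没有变化的端口!" | mail -s "$subject" "$contact_mail"
else
  # GNU sed one-line "i" form; \n inside the text becomes a line break.
  sed -i "1i 大家好: \n 下面是${today}日所有IDC机房扫描新增主机或已有主机新增或关闭端口情况,请各项目负责人及时认领与确认.\n" "$report"
  mail -s "$subject" "$contact_mail" <"$report"
fi

# Promote today's result to baseline. Copy first and swap afterwards so a
# failed copy does not leave the next run without a baseline.
baseline_tmp="$work_dir/scan_source.new"
rm -rf -- "${baseline_tmp:?}"
if cp -a -- "$now_dir" "$baseline_tmp" \
  && rm -rf -- "${baseline_dir:?}" \
  && mv -- "$baseline_tmp" "$baseline_dir"; then
  echo "运行完成,操作成功!"
else
  echo "运行完成,操作失败!"
fi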