Instalando e configurando o AIDE em 15 minutos [Shell Script]

Instalando e configurando o AIDE em 15 minutos

Publicado por Marcos Pitanga 17/05/2005

[ Hits: 11.264 ]

Homepage: hpc.edools.com

Download aide.sh

0 0

Denuncie Favoritos Indicar

Este script automatiza todo o processo de instalacao do IDS filesystem AIDE - Advanced Intrusion Detection Environment -

Esconder código-fonte

#!/bin/sh

#   This program is free software; you can redistribute it and/or modify
#   it under the terms of the GNU General Public License as published by
#   the Free Software Foundation; either version 2, or (at your option)
#   any later version.
#
#   This program is distributed in the hope that it will be useful,
#   but WITHOUT ANY WARRANTY; without even the implied warranty of
#   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
#   GNU General Public License for more details.
#
# by: Marcos Pitanga <pitanga@domain.com.br>
# Wed Sep  1 21:00:19 BRT 2005


inicial()
{
clear
echo -e "********************************************************************************"
echo -e "** Este script facilita o procedimento de instalacao do filesystem check AIDE **"
echo -e "**          Advanced Intrusion Detection Environment                          **"
echo -e "**                         By Marcos Pitanga                                  **"
echo -e "********************************************************************************"
sleep 5
}

declare_vars()
{
AIDE_DIR="/usr/local/aide_fontes"
MAKE="`which make`"
MKDIR="`which mkdir`"
SED="`which sed`"
TAR="`which tar`"
COPY="`which cp`"
WGET="`which wget`"
CONFIG="./configure"
# Crio o diretorio para os fontes 
if [ ! -d $AIDE_DIR ]; then
        mkdir -p $AIDE_DIR
fi
}

downloads()
{
echo "Baixando os pacotes. Espere um pouquinho."
echo "[ Baixando os pacotes para a instalacao ]" >> /var/log/downloads_sources

cd $AIDE_DIR

if [ ! -e mhash-0.9.1.tar.gz ]; then
$WGET http://belnet.dl.sourceforge.net/sourceforge/mhash/mhash-0.9.1.tar.gz >> /var/log/downloads_sources 2>&1
fi

if [ ! -e aide-0.10.tar.gz ]; then
$WGET http://voxel.dl.sourceforge.net/sourceforge/aide/aide-0.10.tar.gz >> /var/log/downloads_sources 2>&1
fi

cd $AIDE_DIR
echo "[ Fim do download dos pacotes ]" >> /var/log/downloads_sources
}

instala_mhash()
{
echo "Instalando a biblioteca mhash." 
echo "[ Instalando $package_name ]" >> /var/log/mhash_source
mhash_source=$package_name
mhash_dir=`echo $mhash_source | sed s/\.tar\.gz//`
$TAR -xzf $mhash_source >> /var/log/mhash_source 2>&1
cd $mhash_dir >> /var/log/mhash_source 2>&1
$CONFIG --enable-static=yes
$MAKE >> /var/log/mhash_source 2>&1
$MAKE check 2>> /var/log/mhash_source 2>&1
$MAKE install 2>> /var/log/mhash_source 2>&1
cd $AIDE_DIR >> /var/log/mhash_source 2>&1
echo "[ terminei a biblioteca mhash ]" >> /var/log/mhash_source
}

instala_aide()
{
echo "Instalando o AIDE."
echo "[ Instalando $package_name ]" >> /var/log/aide_source
aide_source=$package_name
aide_dir=`echo $aide_source | sed s/\.tar\.gz//`
$TAR -xzf $aide_source >> /var/log/aide_source 2>&1
cd $aide_dir >> /var/log/aide_source 2>&1
$CONFIG --sysconfdir=/usr/local
$MAKE >> /var/log/aide_source 2>&1
$MAKE install >> /var/log/aide_source 2>&1
cd $AIDE_DIR >> /var/log/aide_source 2>&1
echo "[ Fim da instalacao do AIDE ]" >> /var/log/aide_source
}


cria_arquivo()
{

echo -e "
#
# Copyright (c) 2000 SuSE, Germany.
#
# Author: Matthias Eckermann, SuSE Linux Solutions AG
#
# /etc/aide.conf
#

database=file:/var/aide/aide.db
database_out=file:/var/aide/aide.db.new
verbose=20
#verbose=5
report_url=stdout
All=R+a+sha1+rmd160+tiger
Norm=s+n+b+md5+sha1+rmd160+tiger

# Whether to gzip the output to database
# gzip_dbout=no

#report_url=stdout
#other possibilities
#report_url=stderr
#NOT IMPLEMENTED report_url=mailto:root@foo.com
#report_url=file:/tmp/some_file.txt
#NOT IMPLEMENTED report_url=syslog:LOG_AUTH
report_url=stdout

#p:     permissions
#i:   inode
#n:   number of links
#u:   user
#g:   group
#s:   size
#b:   block count
#m:   mtime
#a:   atime
#c:   ctime
#S:   check for growing size
#md5:   md5 checksum
#sha1:   sha1 checksum
#rmd160:     rmd160 checksum
#tiger:     tiger checksum
#R:   p+i+n+u+g+s+m+c+md5
#L:   p+i+n+u+g
#E:   Empty group
#>:   Growing logfile p+u+g+i+n+S
#The following are available if you have mhash support enabled.
#haval:      haval checksum
#gost:      gost checksum
#crc32:      crc32 checksum


# Definicao da Regra
#All=R+a+b
All=R+b

# ignore_list is a special rule definition
# the attributes listed in it are not displayed in the
# final report

# Attributes that can be used to verify that aide in intact
# by people that have downloaded it from the web.
# Let's be paranoid
Norm=s+n+b+md5+sha1+rmd160+tiger


#
# nao faca nestes diretorios
#

!/dev
!/tmp
!/proc
!/usr/src
!/.*~
!/.*RCS
!/.*CVS
!/.*aide\.db.*
!/.*\.cvsignore.*
!/etc/X11
!/etc/pcmcia
!/var/log/messages
!/var/log/mail
!/var/log/lastlog
!/var/log/wtmp
!/var/log/sendmail.st
!/var/spool/mail

# 
# Faca no restante dos arquivos
#

#/ R
/ All" >>/etc/aide.conf
}

fim_instalacao()
{
echo "Pacotes instalados. veja install_log para maior detalhes."
}

inicial
declare_vars
downloads
package_name=`ls mhash-0.9.1.tar.gz`
instala_mhash
package_name=`ls aide-0.10.tar.gz`
instala_aide
cria_arquivo
fim_instalacao

Scripts recomendados

Renomeia diretorio,subdiretorio e arquivos de maiuscula > minuscula

Backup com rsync

Limpe seu server com o Clamav

Scritp de Firewall com Iptables

Gerenciamento do Samba com Dialog

Comentários

Nenhum comentário foi encontrado.