Instalando e configurando o AIDE em 15 minutos
Publicado por Marcos Pitanga 17/05/2005
[ Hits: 11.511 ]
Homepage: hpc.edools.com
Este script automatiza todo o processo de instalacao do IDS filesystem AIDE - Advanced Intrusion Detection Environment -
#!/bin/sh
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2, or (at your option)
# any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# by: Marcos Pitanga <pitanga@domain.com.br>
# Wed Sep 1 21:00:19 BRT 2005
inicial()
{
clear
echo -e "********************************************************************************"
echo -e "** Este script facilita o procedimento de instalacao do filesystem check AIDE **"
echo -e "** Advanced Intrusion Detection Environment **"
echo -e "** By Marcos Pitanga **"
echo -e "********************************************************************************"
sleep 5
}
declare_vars()
{
AIDE_DIR="/usr/local/aide_fontes"
MAKE="`which make`"
MKDIR="`which mkdir`"
SED="`which sed`"
TAR="`which tar`"
COPY="`which cp`"
WGET="`which wget`"
CONFIG="./configure"
# Crio o diretorio para os fontes
if [ ! -d $AIDE_DIR ]; then
mkdir -p $AIDE_DIR
fi
}
downloads()
{
echo "Baixando os pacotes. Espere um pouquinho."
echo "[ Baixando os pacotes para a instalacao ]" >> /var/log/downloads_sources
cd $AIDE_DIR
if [ ! -e mhash-0.9.1.tar.gz ]; then
$WGET http://belnet.dl.sourceforge.net/sourceforge/mhash/mhash-0.9.1.tar.gz >> /var/log/downloads_sources 2>&1
fi
if [ ! -e aide-0.10.tar.gz ]; then
$WGET http://voxel.dl.sourceforge.net/sourceforge/aide/aide-0.10.tar.gz >> /var/log/downloads_sources 2>&1
fi
cd $AIDE_DIR
echo "[ Fim do download dos pacotes ]" >> /var/log/downloads_sources
}
instala_mhash()
{
echo "Instalando a biblioteca mhash."
echo "[ Instalando $package_name ]" >> /var/log/mhash_source
mhash_source=$package_name
mhash_dir=`echo $mhash_source | sed s/\.tar\.gz//`
$TAR -xzf $mhash_source >> /var/log/mhash_source 2>&1
cd $mhash_dir >> /var/log/mhash_source 2>&1
$CONFIG --enable-static=yes
$MAKE >> /var/log/mhash_source 2>&1
$MAKE check 2>> /var/log/mhash_source 2>&1
$MAKE install 2>> /var/log/mhash_source 2>&1
cd $AIDE_DIR >> /var/log/mhash_source 2>&1
echo "[ terminei a biblioteca mhash ]" >> /var/log/mhash_source
}
instala_aide()
{
echo "Instalando o AIDE."
echo "[ Instalando $package_name ]" >> /var/log/aide_source
aide_source=$package_name
aide_dir=`echo $aide_source | sed s/\.tar\.gz//`
$TAR -xzf $aide_source >> /var/log/aide_source 2>&1
cd $aide_dir >> /var/log/aide_source 2>&1
$CONFIG --sysconfdir=/usr/local
$MAKE >> /var/log/aide_source 2>&1
$MAKE install >> /var/log/aide_source 2>&1
cd $AIDE_DIR >> /var/log/aide_source 2>&1
echo "[ Fim da instalacao do AIDE ]" >> /var/log/aide_source
}
cria_arquivo()
{
echo -e "
#
# Copyright (c) 2000 SuSE, Germany.
#
# Author: Matthias Eckermann, SuSE Linux Solutions AG
#
# /etc/aide.conf
#
database=file:/var/aide/aide.db
database_out=file:/var/aide/aide.db.new
verbose=20
#verbose=5
report_url=stdout
All=R+a+sha1+rmd160+tiger
Norm=s+n+b+md5+sha1+rmd160+tiger
# Whether to gzip the output to database
# gzip_dbout=no
#report_url=stdout
#other possibilities
#report_url=stderr
#NOT IMPLEMENTED report_url=mailto:root@foo.com
#report_url=file:/tmp/some_file.txt
#NOT IMPLEMENTED report_url=syslog:LOG_AUTH
report_url=stdout
#p: permissions
#i: inode
#n: number of links
#u: user
#g: group
#s: size
#b: block count
#m: mtime
#a: atime
#c: ctime
#S: check for growing size
#md5: md5 checksum
#sha1: sha1 checksum
#rmd160: rmd160 checksum
#tiger: tiger checksum
#R: p+i+n+u+g+s+m+c+md5
#L: p+i+n+u+g
#E: Empty group
#>: Growing logfile p+u+g+i+n+S
#The following are available if you have mhash support enabled.
#haval: haval checksum
#gost: gost checksum
#crc32: crc32 checksum
# Definicao da Regra
#All=R+a+b
All=R+b
# ignore_list is a special rule definition
# the attributes listed in it are not displayed in the
# final report
# Attributes that can be used to verify that aide in intact
# by people that have downloaded it from the web.
# Let's be paranoid
Norm=s+n+b+md5+sha1+rmd160+tiger
#
# nao faca nestes diretorios
#
!/dev
!/tmp
!/proc
!/usr/src
!/.*~
!/.*RCS
!/.*CVS
!/.*aide\.db.*
!/.*\.cvsignore.*
!/etc/X11
!/etc/pcmcia
!/var/log/messages
!/var/log/mail
!/var/log/lastlog
!/var/log/wtmp
!/var/log/sendmail.st
!/var/spool/mail
#
# Faca no restante dos arquivos
#
#/ R
/ All" >>/etc/aide.conf
}
fim_instalacao()
{
echo "Pacotes instalados. veja install_log para maior detalhes."
}
inicial
declare_vars
downloads
package_name=`ls mhash-0.9.1.tar.gz`
instala_mhash
package_name=`ls aide-0.10.tar.gz`
instala_aide
cria_arquivo
fim_instalacao
Scripts recomendados
Disponibilidade de impressoras de rede
Bloquear ataques DDoS com bloqueio de range de IPs e avisar por e-mail
Comentários
Nenhum coment�rio foi encontrado.
Patrocínio
Site hospedado pelo provedor RedeHost.
Destaques
Artigos
Máquina perereca - até onde é possível o uso de Linux?
Mitigação - O que é e quando é "seguro" desabilitar
Atualizar Debian Online de uma Versão para outra
A arte e a prática da Disciplina a longo prazo
Topgrade - Atualize seu sistema Linux inteiro com um único comando
Dicas
Site com diversos emojis para seus códigos
Um modo leve de ouvir/ver áudio/vídeo da internet em máquinas pererecas
Tópicos
Debian 11 Bullseye não liga normalmente (13)
Problemas com ativação do Gutta e download de navegador. (4)
Top 10 do mês
-
Xerxes
1° lugar - 74.370 pts -
Fábio Berbert de Paula
2° lugar - 48.412 pts -
Buckminster
3° lugar - 19.287 pts -
Mauricio Ferrari
4° lugar - 16.449 pts -
Daniel Lara Souza
5° lugar - 15.065 pts -
Alberto Federman Neto.
6° lugar - 14.112 pts -
edps
7° lugar - 13.629 pts -
Andre (pinduvoz)
8° lugar - 13.291 pts -
Diego Mendes Rodrigues
9° lugar - 12.814 pts -
Alessandro de Oliveira Faria (A.K.A. CABELO)
10° lugar - 12.183 pts
Scripts
A maior comunidade GNU/Linux da América Latina! Artigos, dicas, tutoriais, fórum, scripts e muito mais. Ideal para quem busca auto-ajuda.
Site hospedado por:
