[linux] Re: Gebruiker waarmee men via ssh probeert in te loggen
Hugo van der Kooij
hvdkooij op vanderkooij.org
Di mei 3 11:58:06 CEST 2005
On Tue, 3 May 2005, Gijs Hillenius wrote:
> Dat script, dat zou ik wel eens willen zien..
Niet echt rocket science. Maar wel erg handig:
#!/bin/sh
HOST=$1
FILE=/tmp/abuse-${HOST}
DATE=`date`
echo > $FILE
echo $DATE >> $FILE
echo >> $FILE
echo "All timestamps are local time in the timezone shown above" >> $FILE
echo >> $FILE
echo " Abuse complaint about ${HOST}:" >> $FILE
echo >> $FILE
whois $1 >> $FILE
echo >> $FILE
echo " WEBSERVER:" >> $FILE
echo >> $FILE
grep -h $HOST /var/log/httpd/*/access.log >> $FILE
echo >> $FILE
echo " MAILLOG:" >> $FILE
echo >> $FILE
for COUNT in 9 8 7 6 5 4 3 2 1
do
grep $HOST /var/log/maillog.$COUNT >> $FILE
done
grep $HOST /var/log/maillog >> $FILE
echo >> $FILE
echo " SYSLOG:" >> $FILE
echo >> $FILE
for COUNT in 9 8 7 6 5 4 3 2 1
do
grep $HOST /var/log/messages.$COUNT >> $FILE
done
grep $HOST /var/log/messages >> $FILE
echo >> $FILE
echo " SECURITY:" >> $FILE
echo >> $FILE
for COUNT in 9 8 7 6 5 4 3 2 1
do
grep $HOST /var/log/secure.$COUNT >> $FILE
done
grep $HOST /var/log/secure >> $FILE
# EOF!
Hugo.
--
I hate duplicates. Just reply to the relevant mailinglist.
hvdkooij op vanderkooij.org http://hvdkooij.xs4all.nl/
Don't meddle in the affairs of magicians,
for they are subtle and quick to anger.
More information about the Linux
mailing list