tailieunhanh - Hardening Apache by Tony Mobily phần 8

# Các của kiểm toán kết quả IS khác nhau, gửi # một email cảnh báo # # vang DEBUG: Có được sự khác biệt tiếng vang "Xin chào, Kết quả của cuộc kiểm toán kiểm tra $ audit_name đã cho một kết quả khác nhau từ các thời gian cuối cùng nó được chạy Đây là sự khác biệt là gì. | The audit s result IS different send a warning email echo DEBUG There were differences echo Hello The result of the audit check audit name gave a different result from the last time it was run. Here is what the differences are from diff ---STARTS HERE STARTS HERE------------- differences -----ENDS HERE--ENDS HERE---------- Here is today s result ---STARTS HERE STARTS HERE------------- cat DD audit check results audit name -----ENDS HERE--ENDS HERE---------- Here is the result from last time ---STARTS HERE STARTS HERE------------- cat DD audit check results -----ENDS HERE--ENDS HERE---------- You may have to verify why this happened. Yours audit_check mail -s audit check warning EMAIL The TMP file which is the result of the freshly executed nikto becomes the audit s last result mv -f DD audit check results DD audit check results audit name fi done exit audit_check has a plugin-like architecture in the same directory where the script is stored in this case usr local bin apache scripts there is a directory called audit that contains several executable shell scripts. Each one of them is a specific audit check which will be used by the main script. For example your directory structure could look like this root@merc apache scripts Is -l total 24 . -rwxr-xr-x 1 root root drwxr-xr-x 2 root root . root@merc apache scripts Is -l total 4 -rwxr-xr-x 1 root root root@merc apache scripts 1833 Aug 23 15 20 audit check 4096 Aug 23 15 24 audit 476 Aug 23 15 20 nikto You should make sure that the result of the auditing script Nikto in this case is the same if it s run twice on the same system. Therefore any time-dependent output such as date time should be filtered out. audit_check should be run once a day. How it Works As usual the script sets the default information first DD var apache scripts data Data directory EMAIL merc@localhost Alert email address The script needs a directory called audit_check_results where it