Gentoo Forums :: View topic - Script in perl ( chkrootkit )

Script in perl ( chkrootkit )

View unanswered posts
View posts from last 24 hours

Gentoo Forums Forum Index

Networking & Security

View previous topic :: View next topic

Author

Message

ares
Apprentice

Joined: 13 Oct 2003
Posts: 280
Location: Savigliano (CN)

Posted: Sun May 23, 2004 1:54 am Post subject: Script in perl ( chkrootkit )

Hi
Proposed my simple program in perl with chkrootkit
Depend = perl, MIME::Lite, Archive::Tar, Compress::Zlib e chkrootkit
Edit crontab and type
0 3 * * * root /usr/local/bin/rkit
Edit line 65,66,83,84 for From and To
Archive in /var/log in format rkit-mag62004.tar.gz

Code:

#!/usr/bin/perl
################################
#
# :'######:::'########:'##::: ##:'########::'#######:::'#######::
# '##... ##:: ##.....:: ###:: ##:... ##..::'##.... ##:'##.... ##:
# ##:::..::: ##::::::: ####: ##:::: ##:::: ##:::: ##: ##:::: ##:
# ##::'####: ######::: ## ## ##:::: ##:::: ##:::: ##: ##:::: ##:
# ##::: ##:: ##...:::: ##. ####:::: ##:::: ##:::: ##: ##:::: ##:
# ##::: ##:: ##::::::: ##:. ###:::: ##:::: ##:::: ##: ##:::: ##:
# . ######::: ########: ##::. ##:::: ##::::. #######::. #######::
# :......::::........::..::::..:::::..::::::.......::::.......:::
#
# Released under the GPL.
# Author: ares <ares@serversecurity.org>
# Homepage : genbuild.altervista.org
# Depend: MIME::Lite, Archive::Tar, Compress::Zlib e chkrootkit
# Use :
# chmod +x rkit
# crontab -e
# 0 3 * * * root /usr/local/bin/rkit
#
###########################################################################

use POSIX;
use MIME::Lite;
use Archive::Tar;
use Compress::Zlib;

$rkit = "/usr/sbin/chkrootkit";
$date = strftime "%a %b %e %Y", localtime ();
$date =~s/\w+//;
$date = join('', split(/ /, $date));

$log = "chkrootkit.log";

$temp = "/var/log";
chomp ($temp);
chdir ($temp);

sub control { if ($rkit) {
system("$rkit \> $log");
my $tar = Archive::Tar->new();
$tar_log = $tar->add_files($log);
$tar_log =~ s/\d//;
$kit = "rkit-";
$tardata = $tar->write();
open (GZIP, ">" . $kit . $tar_log . $date . ".tar.gz");
binmode(GZIP);
$gz=gzopen(\*GZIP, "wb9");
print $gz->gzwrite($tardata);
$gz->gzclose();
close(GZIP);
}
}

sub message {
if (-e $log) {
$msg = MIME::Lite->new(
From =>'user@host',
To =>'user@host',
Cc =>'',
Subject =>'Log Archive',
Type =>'multipart/mixed'
);
$msg->attach(Type =>'TEXT',
   Data =>"Log report",
   );
$msg->attach(Type =>'text/x-log',
   Encoding =>'base64',
   Path =>'/var/log/chkrootkit.log',
   Filename =>'chkrootkit.log"',
);
$msg->send;
}
else {
$msg = MIME::Lite->new(
From =>'user@host',
To =>'user@host',
Cc =>'',
Subject =>'Rkit failed',
Type =>'TEXT',
Data =>'Log not exist'
);
$msg->send;
}
}
&control();
&message();
unlink $log;

_________________
My portage and homepage

Display posts from previous:

	Gentoo Forums Forum Index Networking & Security	All times are GMT
Page 1 of 1

Jump to:

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy