
rootkit hunter

By: a guest on Jul 22nd, 2013  |  syntax: Bash  |  size: 0.82 KB  |  views: 57  |  expires: Never
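  #!/bin/bash
  # Runs "rkhunter --update", an rkhunter scan and a chkrootkit scan through
  # sudo, and prepends one entry per step to $LOGFILE (newest entry first).
  #
  # Reference path kept from the original script: /var/log/rkhunter.log
  # (presumably rkhunter's own log; this script never reads or writes it).
  #
  # The results land in a file under the invoking user's home directory, which
  # that user can rewrite at will: treat it as a convenience log, not as a
  # tamper-evident record of the scans.
  set -u

  LOGFILE=~/logs/security-log.log
  DATEFMT=%X:%x
  SHNAME=$(basename -- "$0")
  SLEEP=8m        # wait till box is presumably less-loaded

  # Fail before the long sleep if there is nowhere to record the results.
  mkdir -p -- "${LOGFILE%/*}" || {
    printf '%s: cannot create log directory %s\n' "$SHNAME" "${LOGFILE%/*}" >&2
    exit 1
  }

  #######################################
  # Prepend one entry to $LOGFILE.
  # Globals:   LOGFILE, DATEFMT, SHNAME (read)
  # Arguments: $1 - entry label; backslash escapes such as \t are expanded
  # Inputs:    stdin - entry body (use </dev/null for a header-only entry)
  # Returns:   0 on success, 1 if the temporary file or the rename failed
  #######################################
  prepend_entry() {
    local label=$1
    local scratch
    # Unique scratch file next to the log: concurrent runs cannot clobber each
    # other, and the final mv stays on one filesystem. mktemp creates the file
    # with mode 0600, so the log ends up readable by its owner only.
    scratch=$(mktemp "${LOGFILE}.XXXXXX") || return 1
    {
      printf '%s %b%s\n' "$SHNAME" "$label" "$(date +"$DATEFMT")"
      cat
      # First run: there is no previous log to carry over.
      if [[ -f "$LOGFILE" ]]; then
        cat -- "$LOGFILE"
      fi
    } > "$scratch"
    mv -- "$scratch" "$LOGFILE" || {
      rm -f -- "$scratch"
      return 1
    }
  }

  #######################################
  # Report a non-zero exit status on stderr so it is not silently dropped.
  # Arguments: $1 - command description, $2 - exit status
  # NOTE(review): a non-zero status from these tools does not necessarily mean
  # the run failed (scanners commonly use it to signal findings) - check each
  # tool's manual before alerting on it.
  #######################################
  report_status() {
    local what=$1
    local rc=$2
    if (( rc != 0 )); then
      printf '%s: %s exited with status %d\n' "$SHNAME" "$what" "$rc" >&2
    fi
  }

  prepend_entry "start sleep $SLEEP \t\t\t\t" </dev/null
  sleep "$SLEEP"

  # If the update cannot run, the scan below works from stale data files.
  prepend_entry "rkhunter --update \t\t\t\t" </dev/null
  sudo rkhunter --update
  report_status "rkhunter --update" "$?"

  sudo rkhunter --rwo --sk --checkall \
    | prepend_entry "rkhunter --rwo --sk --checkall \t\t"
  stage_rc=("${PIPESTATUS[@]}")
  report_status "rkhunter --rwo --sk --checkall" "${stage_rc[0]}"

  # NOTE(review): -x is chkrootkit's expert mode, which prints raw data for
  # manual inspection; confirm that it still emits the "INFECTED" verdict lines
  # this filter depends on, otherwise the entry is always empty. Also confirm
  # that -e takes no argument in the installed version.
  sudo chkrootkit -n -e -x \
    | grep "INFECTED" \
    | prepend_entry "chkrootkit -n -e -x \t\t\t"
  stage_rc=("${PIPESTATUS[@]}")
  report_status "chkrootkit -n -e -x" "${stage_rc[0]}"

  exit 0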