Saturday, March 04, 2006

Automatically check /var/log/secure for intruders: Auto Spell for Directories

Here's what I like to keep in my .bash_profile to automatically tell me about intruders upon login:

echo -e "*************************\nSystem Security Messages" >> /designerz/security/log/frankly.messages;
echo "Current Users " >> /designerz/security/log/frankly.messages;
who >> /designerz/security/log/frankly.messages
#who | uniq | sort
echo "Last Users | Unique " >> /designerz/security/log/frankly.messages;
#last -30 | uniq | sort | cut -d " " -f 1 | sort | uniq >> /designerz/security/log/frankly.messages
last -30 | uniq | sort >> /designerz/security/log/frankly.messages

#last | uniq | sort | cut -d " " -f 1
#last | uniq | sort | cut -d " " -f 1 | sort | uniq
echo "Faillog";
faillog
faillog >> /designerz/security/log/frankly.messages
echo "Unique 'who' Connected";
who | uniq | sort | awk '{print $6}' | sort | uniq
who | uniq | sort | awk '{print $1}' | sort | uniq
echo "Last";
last | uniq | sort | awk '{print $1}' | sort | uniq

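# Report every source with 5 or more failed logins in /var/log/secure.
# Field 7 (split on ":") holds the address when sshd logs it as ::ffff:a.b.c.d.
search="Failed .*"; logfile="/var/log/secure"
grep "$search" "$logfile" | awk -F: '{ print $7 }' | awk '{count[$1]++} END { for (i in count) { if (count[i] >= 5) { print i " Total Failed Attempts: " count[i] } } }'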
echo "End of Security Report. (/designerz/security/log/intruder.ssh.log, /designerz/security/log/frankly.messages) ";
#cat /designerz/security/log/frankly.messages
#tail -10 /designerz/security/log/intruder.ssh.log;

alias rm='rm -i'
alias cp='cp -i'
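
The failed-login one-liner above splits each line on colons and takes field 7, which only lines up when sshd logs the client as an IPv4-mapped address (::ffff:a.b.c.d). As an added example (not part of the original post), the function below takes the token after the last "from" instead, so plain and mapped addresses are counted together; the function names and the sample log with its documentation-range addresses are constructed for illustration.

```bash
# Added example, not from the original post. Function names, the sample log
# and its documentation-range addresses are constructed for illustration.

# Print source addresses with at least $2 (default 5) failed sshd logins in $1.
failed_ssh_sources() {
    awk -v min="${2:-5}" '
        /sshd\[[0-9]+\]: Failed / {
            # Take the token after the last "from", so a username that
            # contains colons or is literally "from" cannot shift the field.
            for (i = NF - 1; i > 0; i--) {
                if ($i == "from") {
                    ip = $(i + 1)
                    sub(/^::ffff:/, "", ip)  # fold IPv4-mapped form to plain IPv4
                    count[ip]++
                    break
                }
            }
        }
        END {
            for (ip in count)
                if (count[ip] >= min)
                    print ip " Total Failed Attempts: " count[ip]
        }
    ' "$1" | sort
}

# Constructed sample in /var/log/secure format (both address styles).
sample_secure_log() {
    cat <<'EOF'
Mar  4 10:12:01 srv30 sshd[2101]: Failed password for root from ::ffff:203.0.113.7 port 4011 ssh2
Mar  4 10:12:03 srv30 sshd[2102]: Failed password for root from ::ffff:203.0.113.7 port 4012 ssh2
Mar  4 10:12:05 srv30 sshd[2103]: Failed password for invalid user admin from 203.0.113.7 port 4013 ssh2
Mar  4 10:12:07 srv30 sshd[2104]: Failed password for invalid user from from 203.0.113.7 port 4014 ssh2
Mar  4 10:12:09 srv30 sshd[2105]: Failed password for root from 203.0.113.7 port 4015 ssh2
Mar  4 10:15:40 srv30 sshd[2110]: Failed password for frankly from 198.51.100.20 port 5120 ssh2
Mar  4 10:15:44 srv30 sshd[2111]: Failed password for frankly from 198.51.100.20 port 5121 ssh2
Mar  4 10:16:02 srv30 sshd[2112]: Accepted password for frankly from 192.0.2.10 port 5200 ssh2
EOF
}

# Run with the argument "demo" to try it on the constructed sample.
if [ "${1:-}" = "demo" ]; then
    tmp=$(mktemp) && sample_secure_log > "$tmp"
    failed_ssh_sources "$tmp"
    rm -f "$tmp"
fi
```

On a live system, pass the real log path as the first argument and, optionally, a different threshold as the second.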



Today I came across Blog O’ Matty, which has some good tips.

For instance, you may not know that using cdspell can come to your rescue if you have problems spelling your directories.

[root@srv30 frankly]# grep cdspell .bash_profile
[root@srv30 frankly]# man cdspell
No manual entry for cdspell
[root@srv30 frankly]# cdspell
-bash: cdspell: command not found
[root@srv30 frankly]# shopt -s cdspell
[root@srv30 frankly]# cd /hme
/home
[root@srv30 home]#



Enjoy
