| may92.tar |
Listing 2
cksysfiles #!/bin/sh # # cksysfiles - verify system files have not been changed # # Run this manually the first time to create the list of system # binaries. The list will be created in the file defined by OLDLIST: OLDLIST=/etc/sysfiles.list # # Then run this script via cron (as root) on a regular basis to compare # it to this list. This file should also be manually examined regularly # to make sure no unauthorized files have been added. # #################################################################### # # maintain secure path since the script will run as root # PATH="/bin:/usr/bin:/etc:/usr/etc" # NEWLIST=/tmp/cksysfiles.$$ TEMP=/tmp/scratch.$$ # # create a list of the local filesystems (i.e. those not remotely mounted) # LOCAL_FILESYSTEMS="/bin /sbin /usr/bin /etc /usr/etc" # # if this is the first time the script is being run # if [ ! -s $OLDLIST ]; then echo "Creating list of system binaries in $OLDLIST..." fi # # make the list of files to be examined # find $LOCAL_FILESYSTEMS -type f -xdev -print | sort >$TEMP # # for each file in the list, get the directory entry and checksum # cp /dev/null $NEWLIST for i in `cat $TEMP` do echo `ls -lg $i` `sum $i` >>$NEWLIST done # # if an old list exists, make the comparison, output will be mailed # to root if run via cron. # if [ -s $OLDLIST ]; then diff $OLDLIST $NEWLIST fi # # clean up # rm $TEMP mv $NEWLIST $OLDLIST
|