Difference between revisions of "Portsentry"
From MS Computech
| Line 8: | Line 8: | ||
</pre><pre>#!/bin/bash | </pre><pre>#!/bin/bash | ||
case "$1" in | case "$1" in | ||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | |||
| − | + | start) | |
| − | + | echo "Starting Portsentry..." | |
| − | + | ps ax | grep -iw '/usr/sbin/portsentry -atcp' | grep -iv 'grep' > /dev/null | |
| − | + | if [ $? != 0 ]; then | |
| − | + | /usr/sbin/portsentry -atcp | |
| − | + | fi | |
| − | + | ||
| − | + | ps ax | grep -iw '/usr/sbin/portsentry -audp' | grep -iv 'grep' > /dev/null | |
| − | + | if [ $? != 0 ]; then | |
| − | + | /usr/sbin/portsentry -audp | |
| − | + | fi | |
| − | + | echo "Portsentry is now up and running!" | |
| − | + | ;; | |
| − | + | stop) | |
| − | + | echo "Shutting down Portsentry..." | |
| − | + | array=(`ps ax | grep -iw '/usr/sbin/portsentry ' | grep -iv 'grep' \ | |
| − | + | | awk '{print $1}' | cut -f1 -d/ | tr '\n' ' '`) | |
| − | + | element_count=${#array[@]} | |
| − | + | index=0 | |
| − | + | while [ "$index" -lt "$element_count" ] | |
| − | + | do | |
| − | + | kill -9 ${array[$index]} | |
| − | + | let "index = $index + 1" | |
| − | + | done | |
| − | + | echo "Portsentry stopped!" | |
| − | + | ;; | |
| + | restart) | ||
| + | $0 stop && sleep 3 | ||
| + | $0 start | ||
| + | ;; | ||
| + | *) | ||
| + | echo "Usage: $0 {start|stop|restart}" | ||
| + | exit 1 | ||
| + | |||
| + | |||
| + | |||
esac | esac | ||
exit 0 | exit 0 | ||
| + | |||
</pre> | </pre> | ||
| + | |||
<pre> | <pre> | ||
#chmod 644 portsentry | #chmod 644 portsentry | ||
Revision as of 16:39, 6 December 2008
Portsentry portscan detect&block Installation log mscompute team
#apt-get install portsentry
#nano /etc/portsentry/portsentry.confBLOCK_UDP="1"
BLOCK_TCP="1"
#cd /etc/init.d/
- nano portsentryscript
#!/bin/bashcase "$1" in
start)
echo "Starting Portsentry..." ps ax | grep -iw '/usr/sbin/portsentry -atcp' | grep -iv 'grep' > /dev/null if [ $? != 0 ]; then /usr/sbin/portsentry -atcp fips ax | grep -iw '/usr/sbin/portsentry -audp' | grep -iv 'grep' > /dev/null
if [ $? != 0 ]; then /usr/sbin/portsentry -audp fi echo "Portsentry is now up and running!" ;; stop) echo "Shutting down Portsentry..." array=(`ps ax | grep -iw '/usr/sbin/portsentry ' | grep -iv 'grep' \ | awk '{print $1}' | cut -f1 -d/ | tr '\n' ' '`) element_count=${#array[@]} index=0 while [ "$index" -lt "$element_count" ] do kill -9 ${array[$index]} let "index = $index + 1" done echo "Portsentry stopped!" ;; restart) $0 stop && sleep 3 $0 start ;; *) echo "Usage: $0 {start|stop|restart}" exit 1
esac exit 0
#chmod 644 portsentry #chmod 755 portsentryscript #update-rc.d portsentryscript defaults
