get-suspic-ips.sh
· 341 B · Bash
Raw
#!/bin/sh
GREP=/usr/bin/grep
$GREP -Eh 'pma|admin|sql|w00t|CONNECT|wp-admin|wp-login|wordpress|cgi-bin' /var/log/httpd/access_log | mutt -s "Suspicious Webserver URLs (celeste/new)" -- recipient@domain
$GREP -h '404' /var/log/httpd/access_log | grep ".zip" | mutt -s "Suspicious Webserver URLs (celeste/new) zip files" -- recipient@domain
| 1 | #!/bin/sh |
| 2 | |
| 3 | GREP=/usr/bin/grep |
| 4 | |
| 5 | $GREP -Eh 'pma|admin|sql|w00t|CONNECT|wp-admin|wp-login|wordpress|cgi-bin' /var/log/httpd/access_log | mutt -s "Suspicious Webserver URLs (celeste/new)" -- recipient@domain |
| 6 | |
| 7 | $GREP -h '404' /var/log/httpd/access_log | grep ".zip" | mutt -s "Suspicious Webserver URLs (celeste/new) zip files" -- recipient@domain |