diff options
| -rwxr-xr-x | cron-sh/diff_check.sh | 5 | ||||
| -rwxr-xr-x | cron-sh/promisc_check.sh | 20 |
2 files changed, 23 insertions, 2 deletions
diff --git a/cron-sh/diff_check.sh b/cron-sh/diff_check.sh index c69de85..bef14be 100755 --- a/cron-sh/diff_check.sh +++ b/cron-sh/diff_check.sh @@ -232,5 +232,8 @@ if [ -s ${TMP} ]; then date=`date` echo -n "\n\n*** ${date} ***\n" >> ${SECURITY_LOG} cat ${TMP} >> ${SECURITY_LOG} - rm -f ${TMP} +fi + +if [ -f ${TMP} ]; then + rm -f ${TMP} fi diff --git a/cron-sh/promisc_check.sh b/cron-sh/promisc_check.sh index 6caada9..10110b4 100755 --- a/cron-sh/promisc_check.sh +++ b/cron-sh/promisc_check.sh @@ -7,6 +7,20 @@ else exit 1 fi +Syslog() { + if [ "${SYSLOG_WARN}" == "yes" ]; then + /sbin/initlog --string="${1}" + fi +} + +Ttylog() { + if [ "${TTYLOG_WARN}" == "yes" ]; then + w | grep -v "load\|TTY" | awk '{print $2}' | while read line; do + echo -e "${1}" > /dev/$i + done + fi +} + PROMISC_CHECK="/usr/bin/promisc_check -q" # # Check if a network interface is in promisc check... @@ -14,9 +28,13 @@ PROMISC_CHECK="/usr/bin/promisc_check -q" # LogPromisc() { - Syslog "Security warning : $1 is in promiscuous mode. (sniffer running ?)" + Syslog "Security warning : $1 is in promiscuous mode." + Syslog " A sniffer is probably running on your system." Ttylog "\\033[1;31mSecurity warning : $1 is in promiscuous mode.\\033[0;39m" Ttylog "\\033[1;31mA sniffer is probably running on your system.\\033[0;39m" + echo "Security warning : $1 is in promiscuous mode." >> /var/log/security.log + echo " A sniffer is probably running on your system." >> /var/log/security.log + } if [ -f /etc/security/msec/security.conf ]; then |