author | Eugeni Dodonov <eugeni@mandriva.org> | 2009-06-26 19:20:13 +0000 |
---|---|---|
committer | Eugeni Dodonov <eugeni@mandriva.org> | 2009-06-26 19:20:13 +0000 |
commit | 93d2eb4d210f30f02b7a9ffc10271e7a7ed099e5 (patch) | |
tree | 9bc01649ad00d24a57da3378b7cb1e58d4e30e16 /cron-sh/scripts | |
parent | 0dacd369cc5394a95bbfdcace3b9b760c83173e0 (diff) | |
Improved promisc check.
Diffstat (limited to 'cron-sh/scripts')
-rwxr-xr-x | cron-sh/scripts/06_promisc.sh | 26 |
1 files changed, 7 insertions, 19 deletions
diff --git a/cron-sh/scripts/06_promisc.sh b/cron-sh/scripts/06_promisc.sh
index e46620c..af248f0 100755
--- a/cron-sh/scripts/06_promisc.sh
+++ b/cron-sh/scripts/06_promisc.sh
@@ -1,21 +1,7 @@
 #!/bin/bash
-# TODO: this is incomplete for new msec framework
+# msec: this checks if the network is in promiscuous mose
 
-# Writen by Vandoorselaere Yoann
-
-Syslog() {
- if [[ ${SYSLOG_WARN} == yes ]]; then
- logger -t msec -- "${1}"
- fi
-}
-
-Ttylog() {
- if [[ ${TTY_WARN} == yes ]]; then
- w | grep -v "load\|TTY" | grep '^root' | awk '{print $2}' | while read line; do
- echo -e "${1}" > /dev/$line
- done
- fi
-}
+. /usr/share/msec/functions.sh
 
 LogPromisc() {
 date=`date`
@@ -23,9 +9,11 @@ LogPromisc() {
 Syslog " A sniffer is probably running on your system."
 Ttylog "\\033[1;31mSecurity warning : $1 is in promiscuous mode.\\033[0;39m"
 Ttylog "\\033[1;31mA sniffer is probably running on your system.\\033[0;39m"
- echo -e "\n${date} Security warning : $1 is in promiscuous mode." >> /var/log/security.log
- echo " A sniffer is probably running on your system." >> /var/log/security.log
-
+ # are we being run from security.sh script?
+ if [ ! -z "$SECURITY" ]; then
+ printf "\nSecurity Warning: $1 is in promiscuous mode!" >> ${SECURITY}
+ printf " A sniffer is probably running on your system." >> ${SECURITY}
+ fi
 }
 
 if [[ -f /etc/security/msec/security.conf ]]; then |
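Review bot: The new `. /usr/share/msec/functions.sh` line in the first hunk is not checked, so if that file is missing or unreadable the script carries on with `Syslog` and `Ttylog` undefined and a promiscuous interface may be reported nowhere. `. /usr/share/msec/functions.sh || exit 1` would make that failure visible to cron instead. The replacement helpers are not part of this diff, so it is worth confirming they still honour SYSLOG_WARN and TTY_WARN and write only to root's terminals as the removed definitions did. The new header comment has a typo: `promiscuous mose` should read `promiscuous mode`. LogPromisc's body continues outside the hunk.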
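Review bot: In the second hunk both `printf` calls put `$1` inside the format string, leave `${SECURITY}` unquoted and end without a newline, so an interface name containing `%` is parsed as a format directive and the next report entry runs onto the same line as the warning. I would write `printf '\nSecurity Warning: %s is in promiscuous mode!\n' "$1" >> "${SECURITY}"` and `printf ' A sniffer is probably running on your system.\n' >> "${SECURITY}"`. The removed `echo` lines also recorded `${date}` and always appended to /var/log/security.log; after this change a standalone run with SECURITY unset leaves no file record and the report entry carries no timestamp, which looks unintended for a detection log. LogPromisc starts above the hunk, so whether `date` is still used elsewhere in the function cannot be seen from here.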