I have recently been tasked to create a script that will daily check our firewalls for any security issues that might have happened. I am not very strong with Unix so I need a lot of help and don't know where to start.
Some things I have thought of so far: I want to search the audit.raw files for any occurrence of an admin account being changed. I also want to look for DNS lookups or port 80 GetRequests that are over 64k in size.
I was thinking I could run the script in a cronjob. Is that the best way?
My bosses would also like some kind of output that they can look at and understand.
I am sure there are a lot more things I should be looking for. Has anyone done something like this already or know a good place for me to start researching commands for this kind of task? Thank you in advance for any help you can offer.
Last edited by soccerfan; 12-15-2011 at 05:52 AM..
GRID-MAPFILE-CHECK(8)          Globus Commands          GRID-MAPFILE-CHECK(8)
NAME
grid-mapfile-check-consistency - Add an entry to a grid map file
SYNOPSIS
grid-mapfile-check-consistency [-h] [-help] [-usage] [-version]
grid-mapfile-check-consistency [-mapfile MAPFILE] | [-f MAPFILE]
DESCRIPTION
The grid-mapfile-check-consistency program performs basic checks for validity of a gridmap file. These checks include checks for existence,
duplication of entries, and valid local user names. If the gridmap file is valid, grid-mapfile-check-consistency exits with a zero exit
code, otherwise it exits with a non-zero exit code. In either case, it displays information about its progress as it parses and validates
the gridmap file.
By default, grid-mapfile-check-consistency will check the gridmap file named by the GRIDMAP environment variable if present. If that
variable is not set, it will check the file $HOME/.gridmap for non-root users if present. If that doesn't exist or
grid-mapfile-check-consistency is run as root, it will then check /etc/grid-security/grid-mapfile. This can be changed by the use of the
-mapfile or -f command-line options.
The full set of command-line options to grid-mapfile-check-consistency is:
-help, -h, -usage
Display the command-line options to grid-mapfile-check-consistency.
-version
Display the version number of the grid-mapfile-check-consistency command.
-mapfile MAPFILE, -f MAPFILE
Check the gridmap file named by MAPFILE instead of the default.
EXAMPLES
Check that the gridmap file in /etc/grid-security is valid:
% grid-mapfile-check-consistency -f /etc/grid-security/grid-mapfile
Checking /etc/grid-security/grid-mapfile
Verifying grid mapfile existence...OK
Checking for duplicate entries...OK
Checking for valid user names...OK
Check a gridmap file that has an invalid local user name:
% grid-mapfile-check-consistency -f /etc/grid-security/grid-mapfile
Checking /etc/grid-security/grid-mapfile
Verifying grid mapfile existence...OK
Checking for duplicate entries...OK
ERROR: baduser is not a valid local username
ERROR: Found 1 invalid username(s)
ENVIRONMENT VARIABLES
The following environment variables affect the execution of grid-mapfile-check-consistency:
GRIDMAP
Path to the default gridmap to check.
FILES
The following files affect the execution of grid-mapfile-check-consistency:
$HOME/.gridmap
Path to the default gridmap to check if the GRIDMAP environment variable is not set for non-root users.
/etc/grid-security/grid-mapfile
Path to the default gridmap to check if GRIDMAP environment variable is not set and the above file does not exist.
SEE ALSO
grid-mapfile-add-entry(8), grid-mapfile-delete-entry(8)
AUTHOR
University of Chicago
Globus Toolkit 5.0.1 03/19/2010 GRID-MAPFILE-CHECK(8)
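
The three checks named in DESCRIPTION above (existence, duplicate entries, valid local user names), written out as an added example; this is not the Globus tool's own code. It assumes the common gridmap line format, a quoted certificate DN followed by a comma-separated list of local accounts, which this page does not spell out, and it assumes that "duplicate" means the same DN appearing on more than one line.

```sh
#!/bin/sh
# Added example, not part of the Globus Toolkit.
# Assumed line format (not stated on this page):
#   "/O=Grid/OU=Example/CN=Some User" localuser1[,localuser2...]

check_gridmap() {
    mapfile_path=$1
    errors=0

    echo "Checking $mapfile_path"
    if [ ! -r "$mapfile_path" ]; then
        echo "ERROR: $mapfile_path does not exist or is not readable"
        return 1
    fi

    # Duplicate check (assumption: a duplicate is a DN listed more than once).
    dups=$(sed -n 's/^[[:space:]]*"\([^"]*\)".*/\1/p' "$mapfile_path" | sort | uniq -d)
    if [ -n "$dups" ]; then
        echo "$dups" | while IFS= read -r dn; do
            echo "ERROR: duplicate entry for $dn"
        done
        errors=$((errors + 1))
    fi

    # User check: every mapped local account must resolve through id(1).
    users=$(sed -n 's/^[[:space:]]*"[^"]*"[[:space:]]*\([^[:space:]]*\).*/\1/p' \
        "$mapfile_path" | tr ',' '\n' | sort -u)
    for user in $users; do
        if ! id -u "$user" >/dev/null 2>&1; then
            echo "ERROR: $user is not a valid local username"
            errors=$((errors + 1))
        fi
    done

    # Zero exit status only when every check passed, so cron or a wrapper
    # script can alert on failure the same way it would for the real tool.
    [ "$errors" -eq 0 ]
}

# Stand-alone use: pass the gridmap path as the first argument.
[ "$#" -eq 0 ] || check_gridmap "$1"
```

A mapping to an account that no longer exists, or the same DN mapped twice, is the kind of drift a daily run of this check is meant to surface.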