I'd like to set up a cron job that checks e.g. every 24 hours to see if a 'find' command like the one below (which checks for malicious shell hacking scripts) has any results:
find /home/username/public_html -type f -print0 | xargs -0 egrep '(\/tmp\/cmd(temp)?|SnIpEr_SA|(c99|r57|php)shell|milw0rm)'
And if there are any results, then I would receive an email at a specified email address like exam@ple.com.
Perhaps something where a cron job that calls a bash script is run once per day, where the find command is run via the bash script, and the bash script checks the number of characters that the find command returns and sends an email if greater than 0. Not sure if that's the best approach but it's the only one I could think of.
I don't know enough bash programming to implement that though (or any similar alternative) - what would an implementation of this look like?
The default action of cron is to email you if there is output from your script. Just edit your crontab (crontab -e) and add the MAILTO variable at the top.
MAILTO=exam@ple.com
30 1 * * * find /home/username/public_html -type f -print0 | xargs -0 egrep '(\/tmp\/cmd(temp)?|SnIpEr_SA|(c99|r57|php)shell|milw0rm)'
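A script form of the approach the question describes, as an added example that is not part of the original question or answer: it uses grep's exit status to tell "clean" from "matches" from "scan failed" and sends one mail only in the last two cases. It assumes GNU grep and a local mailx-style `mail` command; the function names and the script path in the crontab comment are hypothetical.

```bash
#!/usr/bin/env bash
# Added example (not from the original post). Scans a web root for the
# signature strings from the question and mails a report only when needed.

# Same alternation as the question's pattern; '/' needs no escape in an ERE.
PATTERN='(/tmp/cmd(temp)?|SnIpEr_SA|(c99|r57|php)shell|milw0rm)'

# scan_webroot DIR: print the path of every matching file, one per line.
# Exit status: 0 = matches found, 1 = clean, 2 = scan error.
scan_webroot() {
    [ -d "$1" ] || { echo "scan_webroot: not a directory: $1" >&2; return 2; }
    # -r recurse, -l print file names only (matching lines may be long
    # obfuscated payloads), -E extended regex. grep -E is used instead of
    # egrep, which GNU grep 3.8+ flags as obsolescent on stderr.
    grep -rlE -- "$PATTERN" "$1"
}

# run_scan DIR RECIPIENT: stay silent when clean, otherwise send one mail.
# Assumes a local mailx-style `mail` command that can deliver to RECIPIENT.
run_scan() {
    local root="$1" rcpt="$2" report rc=0 verdict
    report=$(scan_webroot "$root" 2>&1) || rc=$?
    if [ "$rc" -eq 1 ]; then
        return 0                          # clean: nothing to report
    elif [ "$rc" -eq 0 ]; then
        verdict="suspicious files found"
    else
        verdict="scan error, results incomplete"
    fi
    printf '%s\n' "$report" | mail -s "[webshell-scan] $(uname -n): $verdict" "$rcpt"
}

# Crontab entry (script path is hypothetical):
#   30 1 * * * /usr/local/bin/webshell-scan.sh --run /home/username/public_html exam@ple.com
if [ "${1:-}" = "--run" ]; then
    run_scan "$2" "$3"
fi
```

Because an unreadable file or a missing directory also produces a mail, a scan that silently stopped working does not look the same as a clean result.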