Shell脚本实现检查服务器安全状态(用户、登录IP、防火墙检查)
说明:大家平时对Linux服务器安全主要是对系统用户的检查,登陆服务器IP检查,以及防火墙状态检查!
1.需要把正确系统用户名存储在/root/liu_shell/local_user.txt文件中,然后进行比较!
2.对登陆IP判断是不是以192.168.1和192.168.2开头的IP为正常IP!
3.判断iptables状态!
#!/usr/bin/python #coding=utf-8 importsys,os,re,socket host=str(socket.gethostname().strip()) fuhao=os.linesep defuser_panduan(): file01=file('/etc/passwd') mmm=[] forxxinfile01: mmm.append(re.split(':',xx)[0]) file01.close() file02=file('/root/liu_shell/new_user.txt','w') foryyinmmm: file02.write('%s%s'%(yy,fuhao)) file02.close() f_local=file('/root/liu_shell/local_user.txt') f_new=file('/root/liu_shell/new_user.txt') local_user=[] new_user=[] forline1inf_local: line1=line1.strip() local_user.append(line1) forline2inf_new: line2=line2.strip() new_user.append(line2) f_local.close() f_new.close() iflocal_user==new_user: print'host:%suserok'%host else: cmd="echo'host:%susererror'|mail-s user_error331095659@qq.com"%host os.system(cmd) defip_panduan(): os.system("last|awk'{print$3}'|grep-v[a-z]|grep-v^$|sort|uniq>/root/liu_shell/local_ip.txt") f_ip=file('/root/liu_shell/local_ip.txt') local_ip=[] forlineinf_ip: line=line.strip() local_ip.append(line) foraainlocal_ip: kk=re.match('192.168.1|192.168.2',aa) ifkk: print'host:%sipok'%host else: cmd="echo'host:%siperror'|mail-s ip_error331095659@qq.com"%host os.system(cmd) defiptables_panduan(): iptables_status=int(os.popen("/sbin/iptables-nL|grep-v^$|wc-l").readline().strip()) ifiptables_status==6: cmd="echo'host:%siptablesnotrunning!'|mail-s iptables331095659@qq.com"%host os.system(cmd) else: print'host:%siptablerunningok'%host user_panduan() ip_panduan() iptables_panduan()