diff --git a/README.md b/README.md
index e7c7c51..cf830cb 100644
--- a/README.md
+++ b/README.md
@@ -11,8 +11,9 @@
 ```
 ```
 Debian
- apt install libclamav-dev libip4tc-dev libcurl4-openssl-dev #(或者libcurl4-gnutls-dev)
- apt install libsystemd-dev libjson-c-dev libpcre2-dev clamav-freshclam
+ apt -y install libclamav-dev libip4tc-dev libcurl4-openssl-dev #(或者libcurl4-gnutls-dev)
+ apt -y install libsystemd-dev libjson-c-dev libpcre2-dev clamav-freshclam
+ apt -y install libltdl-dev
 freshclam # 更新病毒库(必要)
@@ -34,8 +35,10 @@ Centos 7
 yum -y install devtoolset-11-gcc
 source /opt/rh/devtoolset-11/enable #临时
 echo "source /opt/rh/devtoolset-11/enable" >> /etc/profile #永久
- freshclam # 更新病毒库(必要)
+ mv /etc/cron.d/clamav-update /root
+ sed -i "s/DatabaseMirror .*/DatabaseMirror clamavdb.c3sl.ufpr.br/g" /etc/freshclam.conf
+ freshclam # 更新病毒库(必要)
 ```
diff --git a/denyhosts.sh b/denyhosts.sh
deleted file mode 100644
index d8fbdfd..0000000
--- a/denyhosts.sh
+++ /dev/null
@@ -1,63 +0,0 @@
-#!/bin/bash
-#
-# System authorization information.
-# SSH prevents violent cracking
-# Email: aixiao@aixiao.me
-# Time: 20170909
-#
-
-source /etc/profile
-
-function init() {
- SEND_MAIL=1
- PWD_PATH="/root";
- TIME=`date +"%Y%m%d%H%M"`;
- LOG_FILE="${PWD_PATH}/${TIME}.log";
- EMAIL_ADDRESS="1605227279@qq.com";
- IPTABLES=$(which iptables)
-
- IPTABLES_SAVE=$(which iptables-save)
-}
-
-function run()
-{
- echo "Read-Only Memory,ROM:" &>> ${LOG_FILE}
- df -am &>> ${LOG_FILE}
-
- echo "random access memory,RAM:" &>> ${LOG_FILE}
- free -hl &>> ${LOG_FILE}
-
- echo "System process:" &>> ${LOG_FILE}
- ps -auxwwf &>> ${LOG_FILE}
-
- echo "Network Connections" &>> ${LOG_FILE}
- netstat -tnulp &>> ${LOG_FILE}
-
- echo "System SSH authorization information:" &>> ${LOG_FILE}
- /root/denyhosts/rhost | grep -E "^[0-9]" | awk '{a[$1]+=1;} END {for(i in a){print a[i]" "i;}}' &>> ${LOG_FILE}
-
- $IPTABLES_SAVE > /root/ipv4tables
-
- echo "" &>> ${LOG_FILE}
- echo "Iptables filter table" &>> ${LOG_FILE}
- $IPTABLES -L -n --line-numbers &>> ${LOG_FILE}
- echo "" &>> ${LOG_FILE}
-
- if test $SEND_MAIL = 1; then
- mail -s "System Log" ${EMAIL_ADDRESS} < ${LOG_FILE}
- rm ${LOG_FILE}
- fi
-
- sync
-}
-
-
-init;
-run;
-exit 0;
-20190103
-20190911
-20191008
-20210614
-aixiao@aixiao.me
-
diff --git a/freshclam.conf b/freshclam.conf
index 1d743bf..f90e71f 100644
--- a/freshclam.conf
+++ b/freshclam.conf
@@ -1,7 +1,7 @@
 # Automatically created by the clamav-freshclam postinst
 # Comments will get lost when you reconfigure the clamav-freshclam package
-DatabaseOwner clamav
+DatabaseOwner root
 UpdateLogFile freshclam.log
 LogVerbose false
 LogSyslog false
@@ -23,5 +23,5 @@ Bytecode true
 NotifyClamd /etc/clamav/clamd.conf
 # Check for new database 24 times a day
 Checks 24
-DatabaseMirror db.local.clamav.net
-DatabaseMirror database.clamav.net
+DatabaseMirror clamavdb.c3sl.ufpr.br
+DatabaseMirror db.cn.clamav.net
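Review bot: `DatabaseOwner root` in the first freshclam.conf hunk removes the privilege drop that freshclam performs when it is started as root — with the Debian default `DatabaseOwner clamav` the mirror download and the database writes run as the unprivileged service account, and after this change they run as root. If the change was made to get past a permission error on the database directory (the same commit moves the cron job and switches mirrors, which suggests an update problem, but the reason is not stated), correcting the ownership of that directory with `chown -R clamav:clamav <database directory>` keeps the drop, so I would keep `DatabaseOwner clamav`. The mirror change in the second hunk is fine as far as this file goes; `db.cn.clamav.net` as the fallback should be confirmed to still resolve before the README relies on it.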
diff --git a/init.sh b/init.sh
new file mode 100644
index 0000000..ac384f6
--- /dev/null
+++ b/init.sh
@@ -0,0 +1,83 @@
+:
+
+check_os()
+{
+ if cat /etc/issue | grep -i 'ubuntu' >> /dev/null 2>&1 ; then
+ OS=ubuntu
+ OS_VER=$(cat /etc/issue | head -n1 | awk '{print$2}')
+ echo -e SYSTEM: UBUNTU $(uname -m) ${OS_VER}\\nKERNEL: $(uname -sr)
+ elif test -f /etc/debian_version ; then
+ OS=debian
+ OS_VER=$(cat /etc/debian_version)
+ echo -e SYSTEM: DEBIAN $(uname -m) ${OS_VER}\\nKERNEL: $(uname -sr)
+ elif test -f /etc/centos-release ; then
+ OS=centos
+ OS_VER=$(cat /etc/centos-release | grep -o -E '[0-9.]{3,}') 2>> /dev/null
+ echo -e SYSTEM: CENTOS $(uname -m) ${OS_VER}\\nKERNEL: $(uname -sr)
+ else
+ echo The system does not support
+ exit 3
+ fi
+}
+
+pkg_install()
+{
+ if test "$OS" = "ubuntu" -o "$OS" = "debian"; then
+ apt -y install build-essential
+ apt -y install make
+ apt -y install tmux
+ apt -y install libclamav-dev libip4tc-dev libcurl4-openssl-dev #(或者libcurl4-gnutls-dev)
+ apt -y install libsystemd-dev libjson-c-dev libpcre2-dev clamav-freshclam
+ apt -y install libltdl-dev
+
+ #Debian系统使用libiptc库需要nftables切换到iptables
+ #Switching to the legacy version:(切换到 iptables)
+ update-alternatives --set iptables /usr/sbin/iptables-legacy
+ update-alternatives --set ip6tables /usr/sbin/ip6tables-legacy
+ update-alternatives --set arptables /usr/sbin/arptables-legacy
+ update-alternatives --set ebtables /usr/sbin/ebtables-legacy
+
+ freshclam # 更新病毒库(必要)
+ else
+ yum -y groupinstall "Development Tools"
+ yum -y install make
+ yum -y install tmux
+ yum -y install clamav clamav-update clamav-lib clamav-devel json-c-devel pcre2-devel
+ yum -y install iptables-devel libcurl-devel
+ yum -y install systemd-devel libtool-ltdl-devel
+
+ yum -y install centos-release-scl
+ yum -y install devtoolset-11-gcc
+ #source /opt/rh/devtoolset-11/enable #临时
+ echo "source /opt/rh/devtoolset-11/enable" >> /etc/profile #永久
+
+ freshclam # 更新病毒库(必要)
+ fi
+
+}
+
+main()
+{
+ make clean; make
+
+ if test -f /etc/cron.d/clamav-update; then # 去除自动更新病毒库
+ mv /etc/cron.d/clamav-update /root
+ fi
+
+ if test -f /etc/freshclam.conf; then # 更改病毒库镜像
+ sed -i "s/DatabaseMirror .*/DatabaseMirror clamavdb.c3sl.ufpr.br/g" /etc/freshclam.conf
+ fi
+
+ if test -f /etc/clamav/freshclam.conf; then
+ /etc/clamav/freshclam.conf
+ fi
+
+
+ tmux new -d -s main && tmux send -t main './rhost -d' ENTER
+
+ tmux at -t main
+}
+
+check_os
+pkg_install
+main
diff --git a/rhost.c b/rhost.c
index 25b588b..09dc442 100644
--- a/rhost.c
+++ b/rhost.c
@@ -552,7 +552,9 @@ int _crontab(struct tm **calnext, char *string)
 int main(int argc, char *argv[], char **env)
 {
- if (CENTOS_SYSTEM == check_system()) {
+
+ // 更新病毒库
+ if (DEBISN_SYSTEM == check_system() || CENTOS_SYSTEM == check_system()) {
 char **head_argvs;
 int head_argc = 0;
 char *argvs[ARGS_NUM] = { NULL };
@@ -564,13 +566,6 @@ int main(int argc, char *argv[], char **env)
 head_argvs = &(argvs[0]);
 head_argc = 2;
- /*
- for(int i=0; iCLAMAV_ARG)
+ {
+ char temp[BUFFER];
+ char *p, *p1;
+
+ memset(temp, 0, BUFFER);
+ memset(move, 0, BUFFER);
+
+ p = strstr(conf->CLAMAV_ARG, "--move=");
+ if (p != NULL)
+ {
+ p1 = strstr(p, " ");
+
+ if ((p1-p) > 7)
+ {
+ memcpy(temp, p, p1-p);
+ p = strstr(temp, "=");
+
+ strcpy(move, "mkdir -p ");
+ strcat(move, p+1);
+
+ //printf("%s %ld \n", move, strlen(move));
+
+ system(move);
+ }
+ }
+ }
+ // 处理clamav参数
 char **head_argvs;
 int head_argc = 0;
diff --git a/rhost.conf b/rhost.conf
index c31f66a..85c7a32 100644
--- a/rhost.conf
+++ b/rhost.conf
@@ -11,7 +11,7 @@ global {
 CLAMAV = 1; // clamav 是否扫描病毒(测试阶段)(1开启,非1关闭)
 CLAMAV_ARG = "-r / --exclude-dir="^/sys|^/dev|^/proc|^/opt/infected|^/root|^/home|^/mnt" --move=/opt/infected --max-filesize 1024M -l clamscan.log";
- CLAMAV_TIME = "* 17 13 * * *"; // clamav 扫描时间(Cron格式, 秒 分 时 天 月 周)
+ CLAMAV_TIME = "* 50 13 * * *"; // clamav 扫描时间(Cron格式, 秒 分 时 天 月 周)
 IPV4_RESTRICTION = 1; // 是否启用IP白名单(1开启,非1关闭)
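Review bot: The third block in `main` executes `/etc/clamav/freshclam.conf` as a command instead of editing it — the body of `if test -f /etc/clamav/freshclam.conf; then` contains only the path, so on Debian/Ubuntu (where that is the packaged location) the step fails and the mirror is never changed there. The sibling block for `/etc/freshclam.conf` shows the intended line: `sed -i "s/DatabaseMirror .*/DatabaseMirror clamavdb.c3sl.ufpr.br/g" /etc/clamav/freshclam.conf`. That substitution also rewrites every `DatabaseMirror` line to the same host, so the resulting file lists the mirror twice; the `/g` flag does nothing on a line-anchored pattern and one of the duplicate lines should be dropped. Separately, the file opens with `:` rather than `#!/bin/bash`, so `echo -e` and `&>>`-style bashisms only behave as written when the script is run explicitly with bash; `#!/bin/bash` as the first line would make that explicit.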
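Review bot: The new condition in the first rhost.c hunk calls `check_system()` twice; reading it once keeps both comparisons on the same value and avoids repeating whatever probing it does: `int sys = check_system();` then `if (sys == DEBISN_SYSTEM || sys == CENTOS_SYSTEM) {`. `DEBISN_SYSTEM` reads like a misspelling of a DEBIAN constant; the header that defines it is not on this page, so if that is the identifier's real spelling the line is fine, otherwise it will not compile. `main` continues past the end of the hunk.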
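Review bot: In the new `--move=` handling, `p1 = strstr(p, " ")` is NULL when `--move=` is the last token of CLAMAV_ARG, so `p1-p` is undefined and `memcpy(temp, p, p1-p)` copies an unbounded length; nothing caps `p1-p` at BUFFER either, and the extracted path is then concatenated into `move` and handed to `system()`, so any shell metacharacters in the rhost.conf value are interpreted by /bin/sh with whatever privileges rhost runs under (it drives iptables, so presumably root). I would drop the shell entirely: compute the token length NULL-safely, bound it by `sizeof temp`, and create the directory chain with `mkdir(2)` (`<sys/stat.h>`, `<errno.h>`), which also makes the `move` buffer and its `memset` unnecessary. The header of this hunk appears to have been lost on the page (the text jumps from the removed `for(int i=0; i` loop straight to `CLAMAV_ARG)`), and `main` continues past the hunk, so where `move` is declared is not visible here. Rewritten lines below.
```c
        p = strstr(conf->CLAMAV_ARG, "--move=");
        if (p != NULL)
        {
            const char *path = p + strlen("--move=");
            p1 = strchr(path, ' ');
            size_t len = (p1 != NULL) ? (size_t)(p1 - path) : strlen(path);

            /* reject an empty path and anything that would not fit, instead of overrunning temp */
            if (len > 0 && len < sizeof temp)
            {
                int rc = 0;
                memcpy(temp, path, len);
                temp[len] = '\0';

                /* equivalent of `mkdir -p` without passing the config string through a shell */
                for (char *s = temp + 1; rc == 0 && *s != '\0'; s++)
                {
                    if (*s == '/')
                    {
                        *s = '\0';
                        if (mkdir(temp, 0755) != 0 && errno != EEXIST)
                            rc = -1;
                        *s = '/';
                    }
                }
                if (rc == 0 && mkdir(temp, 0755) != 0 && errno != EEXIST)
                    rc = -1;
                /* rc != 0: creation failed and errno says why — log it rather than continuing silently */
            }
        }
        // … unchanged: closing braces of the if (conf->CLAMAV_ARG) block …
```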