/etc/cron.daily/maldet
von hume- SNIPPET_TEXT:
-
- bash -x /etc/cron.daily/maldet
- + export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
- + PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
- + export LMDCRON=1
- + LMDCRON=1
- + inspath=/usr/local/maldetect
- + intcnf=/usr/local/maldetect/internals/internals.conf
- + '[' -f /usr/local/maldetect/internals/internals.conf ']'
- + source /usr/local/maldetect/internals/internals.conf
- ++ inspath=/usr/local/maldetect
- ++ intcnf=/usr/local/maldetect/internals/internals.conf
- ++ libpath=/usr/local/maldetect/internals
- ++ intfunc=/usr/local/maldetect/internals/functions
- ++ logdir=/usr/local/maldetect/logs
- ++ confpath=/usr/local/maldetect
- ++ cnffile=conf.maldet
- ++ cnf=/usr/local/maldetect/conf.maldet
- ++ varlibpath=/usr/local/maldetect
- ++ maldet_log=/usr/local/maldetect/logs/event_log
- ++ clamscan_log=/usr/local/maldetect/logs/clamscan_log
- +++ date +%y%m%d-%H%M
- ++ datestamp=170529-1431
- +++ date +%s
- ++ utime=1496061113
- +++ whoami
- ++ user=root
- ++ '[' linux-gnu == FreeBSD ']'
- +++ which md5sum
- ++ md5sum=/usr/bin/md5sum
- +++ which hostid
- ++ hostid=/usr/bin/hostid
- ++ '[' /usr/bin/hostid ']'
- +++ /usr/bin/hostid
- +++ /usr/bin/md5sum
- +++ awk '{print$1}'
- ++ hostid=f1ae9696dcaea09a9d0306051ab1f238
- ++ storename_prefix=f1ae9696dcaea09a9d0306051ab1f238.24465
- +++ which od
- ++ od=/usr/bin/od
- +++ which find
- ++ find=/usr/bin/find
- +++ which perl
- ++ perl=/usr/bin/perl
- +++ which nice
- ++ nice=/usr/bin/nice
- +++ which cpulimit
- ++ cpulimit=
- +++ which ionice
- ++ ionice=/usr/bin/ionice
- +++ which wc
- ++ wc=/usr/bin/wc
- +++ which mail
- ++ mail=/usr/bin/mail
- +++ which pidof
- ++ pidof=/bin/pidof
- +++ which sed
- ++ sed=/bin/sed
- +++ which stat
- ++ stat=/usr/bin/stat
- +++ which logger
- ++ logger=/usr/bin/logger
- ++ clamscan_extraopts=
- ++ clamdscan_extraopts=
- +++ which clamdscan
- ++ clamdscan=
- ++ ignore_paths=/usr/local/maldetect/ignore_paths
- ++ ignore_sigs=/usr/local/maldetect/ignore_sigs
- ++ ignore_inotify=/usr/local/maldetect/ignore_inotify
- ++ ignore_file_ext=/usr/local/maldetect/ignore_file_ext
- ++ quardir=/usr/local/maldetect/quarantine
- ++ sessdir=/usr/local/maldetect/sess
- ++ sigdir=/usr/local/maldetect/sigs
- ++ cldir=/usr/local/maldetect/clean
- ++ tmpdir=/usr/local/maldetect/tmp
- ++ userbasedir=/usr/local/maldetect/pub
- ++ hits_history=/usr/local/maldetect/sess/hits.hist
- ++ quar_history=/usr/local/maldetect/sess/quarantine.hist
- ++ clean_history=/usr/local/maldetect/sess/clean.hist
- ++ suspend_history=/usr/local/maldetect/sess/suspend.hist
- ++ monitor_scanned_history=/usr/local/maldetect/sess/monitor.scanned.hist
- ++ sig_version_file=/usr/local/maldetect/sigs/maldet.sigs.ver
- ++ '[' -f /usr/local/maldetect/sigs/maldet.sigs.ver ']'
- +++ cat /usr/local/maldetect/sigs/maldet.sigs.ver
- ++ sig_version=2017051530038
- ++ sig_version_url=https://cdn.rfxn.com/downloads/maldet.sigs.ver
- ++ sig_sigpack_url=https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
- ++ sig_clpack_url=https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
- ++ sig_md5_file=/usr/local/maldetect/sigs/md5v2.dat
- ++ sig_hex_file=/usr/local/maldetect/sigs/hex.dat
- ++ sig_yara_file=/usr/local/maldetect/sigs/rfxn.yara
- ++ sig_cav_hex_file=/usr/local/maldetect/sigs/rfxn.ndb
- ++ sig_cav_md5_file=/usr/local/maldetect/sigs/rfxn.hdb
- ++ sig_cust_md5_file=/usr/local/maldetect/sigs/custom.md5.dat
- ++ sig_cust_hex_file=/usr/local/maldetect/sigs/custom.hex.dat
- ++ lmd_versionsion_file=/usr/local/maldetect/VERSION
- ++ lmd_version=
- ++ lmd_referer=LMD::f1ae9696dcaea09a9d0306051ab1f238
- ++ lmd_hash_file=/usr/local/maldetect/internals/VERSION.hash
- ++ lmd_hash_url=https://cdn.rfxn.com/downloads/maldet.current.hash
- ++ lmd_version_url=https://cdn.rfxn.com/downloads/maldet.current.ver
- ++ lmd_current_tgzbase_url=https://cdn.rfxn.com/downloads
- ++ lmd_current_tgzfile=maldetect-current.tar.gz
- ++ remote_uri_timeout=10
- ++ remote_uri_retries=3
- ++ clamav_paths='/usr/local/cpanel/3rdparty/share/clamav/ /var/lib/clamav/ /var/clamav/ /usr/share/clamav/ /usr/local/share/clamav'
- ++ tlog=/usr/local/maldetect/internals/tlog
- +++ which inotifywait
- ++ inotify=
- ++ inotify_log=/usr/local/maldetect/logs/inotify_log
- ++ inotify_user_instances=128
- ++ inotify_trim=150000
- ++ hex_fifo_path=/usr/local/maldetect/internals/hexfifo
- ++ hex_fifo_script=/usr/local/maldetect/internals/hexfifo.pl
- ++ hex_string_script=/usr/local/maldetect/internals/hexstring.pl
- ++ scan_user_access_minuid=30
- ++ find_opts='-regextype posix-egrep'
- ++ email_template=/usr/local/maldetect/internals/scan.etpl
- +++ hostname
- ++ email_subj='maldet alert from ***'
- ++ cron_custom_exec=/usr/local/maldetect/cron/custom.cron
- ++ cron_custom_conf=/usr/local/maldetect/cron/conf.maldet.cron
- ++ compatcnf=/usr/local/maldetect/internals/compat.conf
- ++ '[' linux-gnu == FreeBSD ']'
- + '[' -f /usr/local/maldetect/conf.maldet ']'
- + source /usr/local/maldetect/conf.maldet
- ++ email_alert=1
- ++ email_addr=****
- ++ email_ignore_clean=1
- ++ autoupdate_signatures=1
- ++ autoupdate_version=1
- ++ autoupdate_version_hashed=1
- ++ cron_prune_days=21
- ++ import_config_url=
- ++ import_config_expire=43200
- ++ import_custsigs_md5_url=
- ++ import_custsigs_hex_url=
- ++ scan_max_depth=15
- ++ scan_min_filesize=24
- ++ scan_max_filesize=2048k
- ++ scan_hexdepth=65536
- ++ scan_hexfifo=1
- ++ scan_hexfifo_depth=524288
- ++ scan_clamscan=1
- ++ scan_tmpdir_paths='/tmp /var/tmp /dev/shm'
- ++ scan_user_access=0
- ++ scan_cpunice=19
- ++ scan_ionice=6
- ++ scan_cpulimit=0
- ++ scan_ignore_root=1
- ++ scan_ignore_user=
- ++ scan_ignore_group=
- ++ scan_find_timeout=0
- ++ scan_export_filelist=0
- ++ quarantine_hits=1
- ++ quarantine_clean=1
- ++ quarantine_suspend_user=0
- ++ quarantine_suspend_user_minuid=500
- ++ default_monitor_mode=
- ++ inotify_base_watches=16384
- ++ inotify_sleep=30
- ++ inotify_reloadtime=3600
- ++ inotify_minuid=500
- ++ inotify_docroot=public_html,public_ftp
- ++ inotify_cpunice=18
- ++ inotify_ionice=6
- ++ inotify_cpulimit=0
- ++ inotify_verbose=0
- ++ string_length_scan=0
- ++ string_length=150000
- + '[' -f /usr/local/maldetect/internals/compat.conf ']'
- + source /usr/local/maldetect/internals/compat.conf
- ++ '[' '!' '' ']'
- ++ '[' '' ']'
- ++ '[' '!' 1 ']'
- ++ '[' '!' 0 ']'
- ++ '[' '!' 500 ']'
- ++ '[' '!' 15 ']'
- ++ '[' '!' 24 ']'
- ++ '[' '!' 2048k ']'
- ++ '[' '!' 65536 ']'
- ++ '[' '!' 1 ']'
- ++ '[' '!' 524288 ']'
- ++ '[' '!' 1 ']'
- ++ '[' '!' '/tmp /var/tmp /dev/shm' ']'
- ++ '[' '!' 0 ']'
- ++ '[' '!' 30 ']'
- ++ '[' '!' 19 ']'
- ++ '[' '!' 30 ']'
- ++ '[' '!' public_html,public_ftp ']'
- ++ '[' '!' 18 ']'
- ++ '[' '!' /usr/local/maldetect/sigs/maldet.sigs.ver ']'
- ++ '[' '!' https://cdn.rfxn.com/downloads/maldet.sigs.ver ']'
- ++ '[' '!' 2017051530038 ']'
- ++ '[' '!' https://cdn.rfxn.com/downloads/maldet-sigpack.tgz ']'
- ++ '[' '!' https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz ']'
- ++ '[' '!' /usr/local/maldetect/sigs/md5v2.dat ']'
- ++ '[' '!' /usr/local/maldetect/sigs/hex.dat ']'
- ++ '[' '!' /usr/local/maldetect/sigs/rfxn.ndb ']'
- ++ '[' '!' /usr/local/maldetect/sigs/rfxn.hdb ']'
- ++ '[' '!' /usr/local/maldetect/sigs/custom.md5.dat ']'
- ++ '[' '!' /usr/local/maldetect/sigs/custom.hex.dat ']'
- ++ '[' '!' '' ']'
- ++ '[' '' ']'
- ++ '[' '!' '' ']'
- ++ '[' '' ']'
- ++ '[' '!' /usr/local/maldetect/internals/VERSION.hash ']'
- ++ '[' '!' https://cdn.rfxn.com/downloads/maldet.current.hash ']'
- ++ '[' '!' https://cdn.rfxn.com/downloads/maldet.current.ver ']'
- ++ '[' '!' /usr/local/maldetect/internals/hexfifo ']'
- ++ '[' '!' /usr/local/maldetect/internals/hexstring.pl ']'
- ++ '[' '!' /usr/local/maldetect/internals/hexfifo.pl ']'
- + '[' -f /etc/sysconfig/maldet ']'
- + '[' -f /etc/default/maldet ']'
- + . /etc/default/maldet
- + '[' -f /usr/local/maldetect/cron/conf.maldet.cron ']'
- + . /usr/local/maldetect/cron/conf.maldet.cron
- + '[' -z '' ']'
- + scan_days=1
- + '[' -z 21 ']'
- + '[' /usr/bin/find ']'
- + tmpdirs='/usr/local/maldetect/tmp /usr/local/maldetect/sess /usr/local/maldetect/quarantine /usr/local/maldetect/pub'
- + for dir in '$tmpdirs'
- + '[' -d /usr/local/maldetect/tmp ']'
- + /usr/bin/find /usr/local/maldetect/tmp -type f -mtime +21 -print0
- + xargs -0 rm -f
- + for dir in '$tmpdirs'
- + '[' -d /usr/local/maldetect/sess ']'
- + /usr/bin/find /usr/local/maldetect/sess -type f -mtime +21 -print0
- + xargs -0 rm -f
- + for dir in '$tmpdirs'
- + '[' -d /usr/local/maldetect/quarantine ']'
- + /usr/bin/find /usr/local/maldetect/quarantine -type f -mtime +21 -print0
- + xargs -0 rm -f
- + for dir in '$tmpdirs'
- + '[' -d /usr/local/maldetect/pub ']'
- + /usr/bin/find /usr/local/maldetect/pub -type f -mtime +21 -print0
- + xargs -0 rm -f
- + '[' 1 == 1 ']'
- ++ echo 14986
- ++ cut -c1-3
- + sleep 149