
/etc/cron.daily/maldet

von hume

  1. bash -x /etc/cron.daily/maldet
  2. + export PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
  3. + PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games
  4. + export LMDCRON=1
  5. + LMDCRON=1
  6. + inspath=/usr/local/maldetect
  7. + intcnf=/usr/local/maldetect/internals/internals.conf
  8. + '[' -f /usr/local/maldetect/internals/internals.conf ']'
  9. + source /usr/local/maldetect/internals/internals.conf
  10. ++ inspath=/usr/local/maldetect
  11. ++ intcnf=/usr/local/maldetect/internals/internals.conf
  12. ++ libpath=/usr/local/maldetect/internals
  13. ++ intfunc=/usr/local/maldetect/internals/functions
  14. ++ logdir=/usr/local/maldetect/logs
  15. ++ confpath=/usr/local/maldetect
  16. ++ cnffile=conf.maldet
  17. ++ cnf=/usr/local/maldetect/conf.maldet
  18. ++ varlibpath=/usr/local/maldetect
  19. ++ maldet_log=/usr/local/maldetect/logs/event_log
  20. ++ clamscan_log=/usr/local/maldetect/logs/clamscan_log
  21. +++ date +%y%m%d-%H%M
  22. ++ datestamp=170529-1431
  23. +++ date +%s
  24. ++ utime=1496061113
  25. +++ whoami
  26. ++ user=root
  27. ++ '[' linux-gnu == FreeBSD ']'
  28. +++ which md5sum
  29. ++ md5sum=/usr/bin/md5sum
  30. +++ which hostid
  31. ++ hostid=/usr/bin/hostid
  32. ++ '[' /usr/bin/hostid ']'
  33. +++ /usr/bin/hostid
  34. +++ /usr/bin/md5sum
  35. +++ awk '{print$1}'
  36. ++ hostid=f1ae9696dcaea09a9d0306051ab1f238
  37. ++ storename_prefix=f1ae9696dcaea09a9d0306051ab1f238.24465
  38. +++ which od
  39. ++ od=/usr/bin/od
  40. +++ which find
  41. ++ find=/usr/bin/find
  42. +++ which perl
  43. ++ perl=/usr/bin/perl
  44. +++ which nice
  45. ++ nice=/usr/bin/nice
  46. +++ which cpulimit
  47. ++ cpulimit=
  48. +++ which ionice
  49. ++ ionice=/usr/bin/ionice
  50. +++ which wc
  51. ++ wc=/usr/bin/wc
  52. +++ which mail
  53. ++ mail=/usr/bin/mail
  54. +++ which pidof
  55. ++ pidof=/bin/pidof
  56. +++ which sed
  57. ++ sed=/bin/sed
  58. +++ which stat
  59. ++ stat=/usr/bin/stat
  60. +++ which logger
  61. ++ logger=/usr/bin/logger
  62. ++ clamscan_extraopts=
  63. ++ clamdscan_extraopts=
  64. +++ which clamdscan
  65. ++ clamdscan=
  66. ++ ignore_paths=/usr/local/maldetect/ignore_paths
  67. ++ ignore_sigs=/usr/local/maldetect/ignore_sigs
  68. ++ ignore_inotify=/usr/local/maldetect/ignore_inotify
  69. ++ ignore_file_ext=/usr/local/maldetect/ignore_file_ext
  70. ++ quardir=/usr/local/maldetect/quarantine
  71. ++ sessdir=/usr/local/maldetect/sess
  72. ++ sigdir=/usr/local/maldetect/sigs
  73. ++ cldir=/usr/local/maldetect/clean
  74. ++ tmpdir=/usr/local/maldetect/tmp
  75. ++ userbasedir=/usr/local/maldetect/pub
  76. ++ hits_history=/usr/local/maldetect/sess/hits.hist
  77. ++ quar_history=/usr/local/maldetect/sess/quarantine.hist
  78. ++ clean_history=/usr/local/maldetect/sess/clean.hist
  79. ++ suspend_history=/usr/local/maldetect/sess/suspend.hist
  80. ++ monitor_scanned_history=/usr/local/maldetect/sess/monitor.scanned.hist
  81. ++ sig_version_file=/usr/local/maldetect/sigs/maldet.sigs.ver
  82. ++ '[' -f /usr/local/maldetect/sigs/maldet.sigs.ver ']'
  83. +++ cat /usr/local/maldetect/sigs/maldet.sigs.ver
  84. ++ sig_version=2017051530038
  85. ++ sig_version_url=https://cdn.rfxn.com/downloads/maldet.sigs.ver
  86. ++ sig_sigpack_url=https://cdn.rfxn.com/downloads/maldet-sigpack.tgz
  87. ++ sig_clpack_url=https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz
  88. ++ sig_md5_file=/usr/local/maldetect/sigs/md5v2.dat
  89. ++ sig_hex_file=/usr/local/maldetect/sigs/hex.dat
  90. ++ sig_yara_file=/usr/local/maldetect/sigs/rfxn.yara
  91. ++ sig_cav_hex_file=/usr/local/maldetect/sigs/rfxn.ndb
  92. ++ sig_cav_md5_file=/usr/local/maldetect/sigs/rfxn.hdb
  93. ++ sig_cust_md5_file=/usr/local/maldetect/sigs/custom.md5.dat
  94. ++ sig_cust_hex_file=/usr/local/maldetect/sigs/custom.hex.dat
  95. ++ lmd_versionsion_file=/usr/local/maldetect/VERSION
  96. ++ lmd_version=
  97. ++ lmd_referer=LMD::f1ae9696dcaea09a9d0306051ab1f238
  98. ++ lmd_hash_file=/usr/local/maldetect/internals/VERSION.hash
  99. ++ lmd_hash_url=https://cdn.rfxn.com/downloads/maldet.current.hash
  100. ++ lmd_version_url=https://cdn.rfxn.com/downloads/maldet.current.ver
  101. ++ lmd_current_tgzbase_url=https://cdn.rfxn.com/downloads
  102. ++ lmd_current_tgzfile=maldetect-current.tar.gz
  103. ++ remote_uri_timeout=10
  104. ++ remote_uri_retries=3
  105. ++ clamav_paths='/usr/local/cpanel/3rdparty/share/clamav/ /var/lib/clamav/ /var/clamav/ /usr/share/clamav/ /usr/local/share/clamav'
  106. ++ tlog=/usr/local/maldetect/internals/tlog
  107. +++ which inotifywait
  108. ++ inotify=
  109. ++ inotify_log=/usr/local/maldetect/logs/inotify_log
  110. ++ inotify_user_instances=128
  111. ++ inotify_trim=150000
  112. ++ hex_fifo_path=/usr/local/maldetect/internals/hexfifo
  113. ++ hex_fifo_script=/usr/local/maldetect/internals/hexfifo.pl
  114. ++ hex_string_script=/usr/local/maldetect/internals/hexstring.pl
  115. ++ scan_user_access_minuid=30
  116. ++ find_opts='-regextype posix-egrep'
  117. ++ email_template=/usr/local/maldetect/internals/scan.etpl
  118. +++ hostname
  119. ++ email_subj='maldet alert from ***'
  120. ++ cron_custom_exec=/usr/local/maldetect/cron/custom.cron
  121. ++ cron_custom_conf=/usr/local/maldetect/cron/conf.maldet.cron
  122. ++ compatcnf=/usr/local/maldetect/internals/compat.conf
  123. ++ '[' linux-gnu == FreeBSD ']'
  124. + '[' -f /usr/local/maldetect/conf.maldet ']'
  125. + source /usr/local/maldetect/conf.maldet
  126. ++ email_alert=1
  127. ++ email_addr=****
  128. ++ email_ignore_clean=1
  129. ++ autoupdate_signatures=1
  130. ++ autoupdate_version=1
  131. ++ autoupdate_version_hashed=1
  132. ++ cron_prune_days=21
  133. ++ import_config_url=
  134. ++ import_config_expire=43200
  135. ++ import_custsigs_md5_url=
  136. ++ import_custsigs_hex_url=
  137. ++ scan_max_depth=15
  138. ++ scan_min_filesize=24
  139. ++ scan_max_filesize=2048k
  140. ++ scan_hexdepth=65536
  141. ++ scan_hexfifo=1
  142. ++ scan_hexfifo_depth=524288
  143. ++ scan_clamscan=1
  144. ++ scan_tmpdir_paths='/tmp /var/tmp /dev/shm'
  145. ++ scan_user_access=0
  146. ++ scan_cpunice=19
  147. ++ scan_ionice=6
  148. ++ scan_cpulimit=0
  149. ++ scan_ignore_root=1
  150. ++ scan_ignore_user=
  151. ++ scan_ignore_group=
  152. ++ scan_find_timeout=0
  153. ++ scan_export_filelist=0
  154. ++ quarantine_hits=1
  155. ++ quarantine_clean=1
  156. ++ quarantine_suspend_user=0
  157. ++ quarantine_suspend_user_minuid=500
  158. ++ default_monitor_mode=
  159. ++ inotify_base_watches=16384
  160. ++ inotify_sleep=30
  161. ++ inotify_reloadtime=3600
  162. ++ inotify_minuid=500
  163. ++ inotify_docroot=public_html,public_ftp
  164. ++ inotify_cpunice=18
  165. ++ inotify_ionice=6
  166. ++ inotify_cpulimit=0
  167. ++ inotify_verbose=0
  168. ++ string_length_scan=0
  169. ++ string_length=150000
  170. + '[' -f /usr/local/maldetect/internals/compat.conf ']'
  171. + source /usr/local/maldetect/internals/compat.conf
  172. ++ '[' '!' '' ']'
  173. ++ '[' '' ']'
  174. ++ '[' '!' 1 ']'
  175. ++ '[' '!' 0 ']'
  176. ++ '[' '!' 500 ']'
  177. ++ '[' '!' 15 ']'
  178. ++ '[' '!' 24 ']'
  179. ++ '[' '!' 2048k ']'
  180. ++ '[' '!' 65536 ']'
  181. ++ '[' '!' 1 ']'
  182. ++ '[' '!' 524288 ']'
  183. ++ '[' '!' 1 ']'
  184. ++ '[' '!' '/tmp /var/tmp /dev/shm' ']'
  185. ++ '[' '!' 0 ']'
  186. ++ '[' '!' 30 ']'
  187. ++ '[' '!' 19 ']'
  188. ++ '[' '!' 30 ']'
  189. ++ '[' '!' public_html,public_ftp ']'
  190. ++ '[' '!' 18 ']'
  191. ++ '[' '!' /usr/local/maldetect/sigs/maldet.sigs.ver ']'
  192. ++ '[' '!' https://cdn.rfxn.com/downloads/maldet.sigs.ver ']'
  193. ++ '[' '!' 2017051530038 ']'
  194. ++ '[' '!' https://cdn.rfxn.com/downloads/maldet-sigpack.tgz ']'
  195. ++ '[' '!' https://cdn.rfxn.com/downloads/maldet-cleanv2.tgz ']'
  196. ++ '[' '!' /usr/local/maldetect/sigs/md5v2.dat ']'
  197. ++ '[' '!' /usr/local/maldetect/sigs/hex.dat ']'
  198. ++ '[' '!' /usr/local/maldetect/sigs/rfxn.ndb ']'
  199. ++ '[' '!' /usr/local/maldetect/sigs/rfxn.hdb ']'
  200. ++ '[' '!' /usr/local/maldetect/sigs/custom.md5.dat ']'
  201. ++ '[' '!' /usr/local/maldetect/sigs/custom.hex.dat ']'
  202. ++ '[' '!' '' ']'
  203. ++ '[' '' ']'
  204. ++ '[' '!' '' ']'
  205. ++ '[' '' ']'
  206. ++ '[' '!' /usr/local/maldetect/internals/VERSION.hash ']'
  207. ++ '[' '!' https://cdn.rfxn.com/downloads/maldet.current.hash ']'
  208. ++ '[' '!' https://cdn.rfxn.com/downloads/maldet.current.ver ']'
  209. ++ '[' '!' /usr/local/maldetect/internals/hexfifo ']'
  210. ++ '[' '!' /usr/local/maldetect/internals/hexstring.pl ']'
  211. ++ '[' '!' /usr/local/maldetect/internals/hexfifo.pl ']'
  212. + '[' -f /etc/sysconfig/maldet ']'
  213. + '[' -f /etc/default/maldet ']'
  214. + . /etc/default/maldet
  215. + '[' -f /usr/local/maldetect/cron/conf.maldet.cron ']'
  216. + . /usr/local/maldetect/cron/conf.maldet.cron
  217. + '[' -z '' ']'
  218. + scan_days=1
  219. + '[' -z 21 ']'
  220. + '[' /usr/bin/find ']'
  221. + tmpdirs='/usr/local/maldetect/tmp /usr/local/maldetect/sess /usr/local/maldetect/quarantine /usr/local/maldetect/pub'
  222. + for dir in '$tmpdirs'
  223. + '[' -d /usr/local/maldetect/tmp ']'
  224. + /usr/bin/find /usr/local/maldetect/tmp -type f -mtime +21 -print0
  225. + xargs -0 rm -f
  226. + for dir in '$tmpdirs'
  227. + '[' -d /usr/local/maldetect/sess ']'
  228. + /usr/bin/find /usr/local/maldetect/sess -type f -mtime +21 -print0
  229. + xargs -0 rm -f
  230. + for dir in '$tmpdirs'
  231. + '[' -d /usr/local/maldetect/quarantine ']'
  232. + /usr/bin/find /usr/local/maldetect/quarantine -type f -mtime +21 -print0
  233. + xargs -0 rm -f
  234. + for dir in '$tmpdirs'
  235. + '[' -d /usr/local/maldetect/pub ']'
  236. + /usr/bin/find /usr/local/maldetect/pub -type f -mtime +21 -print0
  237. + xargs -0 rm -f
  238. + '[' 1 == 1 ']'
  239. ++ echo 14986
  240. ++ cut -c1-3
  241. + sleep 149
