Shulou(Shulou.com)06/02 Report--

Preface

Mac record and port scan script development system monitoring script 1: script programming step sharing 1.1 script programming step 1.2 requirement analysis according to the needs of system management, analyze the functions to be implemented by the script, the level of function implementation, commands and statements to be implemented, etc. 1.3 commands to be used in the test are tested one by one The tested commands are written into the script file by 1.4 script programming such as determining the options to be used and the variables to be set, and 1.5 debugging optimizations such as saving, judging or alarming the results of command execution through various statements are used to test the script. and optimize according to the results suggest programming while debugging To reduce the occurrence of errors 2: mac records and port scan script 2.1Enterprise environment indicates that with the continuous development of the business, a company is using more and more Linux servers. In the process of system management and maintenance, it is often necessary to write some small scripts to assist the operation and maintenance work and improve work efficiency. 2.2.The requirement description writes a small script named system.sh, which records the mac address of each host in the local area network and saves it to the / etc/ethers file. If this file already exists, it should be transferred for backup first. One record per line, first listed as ip address, second listed as corresponding mac address to check which hosts have enabled anonymous ftp service, scan all ip addresses of / etc/ethers file, scan port 212.3 command test analysis: record the mac address of each host in the local area network and save it to / etc/ethers file; if this file already exists, it should be transferred for backup first Check which hosts have enabled anonymous ftp service, scan all ip addresses of / etc/ethers files, and scan port 21arping-c 2-w 1-I network card name ip address / / send mac address resolution request Or use pingarp-n record macawk print ip and mac address to test the ftp service [root@localhost] # arping-c 2-w 1-I ens33 192.168.247.134ARPING 192.168.247.134 from 192.168.247.136 ens33Unicast reply from 192.168.247.134 [00:0C:29:52:4D:89] 1.452msUnicast reply from 192.168.247.134 [00:0C:29:52:4D:89] 1 .182 msSent 2 probes (1 broadcast (s)) Received 2 response (s)

To configure ftp anonymous access mode, first enter the command "vi / etc/vsftpd/vsftpd.conf" to open the ftp service specific configuration file

Make changes (some changes, no additions) (go to the "#")

Parameter functions as anonymous_enable=YES to allow anonymous access to the mode. The umask value of the file uploaded by the anon_umask=022 anonymous user. Anon_upload_enable=YES allows anonymous users to upload files anon_mkdir_write_enable=YES allows anonymous users to create directories anon_other_write_enable=YES allows anonymous users to modify directory names or delete directories script programming and debugging sends ARP requests through arping commands, use if statements to record mac addresses to variables based on feedback results, use circular statements as prefixes to detect addresses, repeatedly detect targets and record mac addresses The host address is 1-254.The awk command filters out all ip addresses in the / etc/ethers file, assigns values to variables, uses looping statements, reads ip addresses in variables, and repeatedly detects whether the ftp is open #! / bin/bash# test file exists. If so, back up the current file [- f / etc/ethers] if [$?-eq 0] thencp-p / etc/ethers / etc/ethers.bakfi# to ping254 addresses. Append the successful ip address and mac to / ethersfor I / dev/null if [$?-eq 0] then echo "192.168.247.Survival" fidonearp-n | grep "ether" | awk'{print $1 @ nmap scanning software rpm-Q nmapif [$?-eq 1] then yum clean all yum list yum install nmap-y [$?-eq 0] & & echo "does not have namp scanning tool installed Currently installed for you "fi# checks which ip has enabled anonymous service ftp service, that is, port 22 for an in $(cat / etc/ethers | awk'{print $1}') dom=$ (nmap-sT $a-p 21 | awk'/ ftp/ {print $2}') if [$m = open] thenecho" $an enable ftp service "fidone 3: development system monitoring script 3.1 Enterprise environment description of a company as the business continues to develop More and more linux servers are being used. The administrator wants to write a simple performance monitoring script and put it on each server to send an alarm email when the monitoring indicator is abnormal. 3.2 requirements description write a shell monitoring script named sysmon.sh. The monitoring content, including CPU utilization, memory utilization, and disk occupancy percentage of the root partition, is only accurate to individual digits. For example, alarm occurs when disk occupancy exceeds 90%, cpu utilization exceeds 80%, memory utilization exceeds 90%, and alarm email is sent to the specified mailbox combined with crond service through mail command. Monitor script 3.3 ideas and command test analysis every half hour: monitoring contents include cpu utilization, memory utilization, disk occupancy of root partition df commands awk commands mpstat commands (need to install sysstat software package) free commands crontab commands script programming and debugging use df commands to extract disk occupancy of root partitions, assign values to variable DUG use mpstat commands to extract cpu utilization Assign value to variable CUG use free command to extract memory utilization, assign value to variable MUG use if statement to determine whether the above monitoring project exceeds the standard, and save the information that needs to be alerted to / tmp/alert.txt file If present, send debug optimization as an alarm message and set the current occupancy rate of crontab plan #! / bin/bash#/ root partition DUG=$ (df-Th | grep'/ $'| awk'{print $6}'| sed's cpu CUG=$ (mpstat | grep 'all' | awk' {print $13}'| awk-F. '{print $1}') # current memory occupancy used=$ (free | grep 'Mem' | awk' {print $3}') total=$ (free | grep 'Mem' | awk' {print $2}') ((MUG = used*100/total)) genfenquzhanyong= current root disk occupancy below warning line 20% cpukongxian= current cpu free resources not below warning line 1% neicunzhanyong= current memory usage does not exceed warning line 10% # when root partition occupancy rate exceeds 10:00 if $DUG-gt 10] thenecho `date` > > / tmp/alert.txtecho "current disk occupancy exceeds 10%" > > / tmp/alert.txtgenfenquzhanyong=' current root disk occupancy exceeds 20% of warning line For $DUG%'fi#, when cpu's free memory is less than 20:00 if [$CUG-lt 1] thenecho `date` > > / tmp/alert.txtecho "current cpu free resources less than 1%" > / tmp/alert.txtcpukongxian=' current cpu free resources are below the warning line 1%, $CUG'fiif [$MUG-gt 10] thenecho `date` > > / tmp/alert.txtecho "current memory usage exceeds 10%" > > / tmp/alert.txtneicunzhanyong=' current memory usage exceeds 10% Is $MUG'firpm-Q expectif [$?-ne 0] thenyum install expect-yfiecho "$genfenquzhanyong,$cpukongxian,$neicunzhanyong" | mail "965483130@qq.com" [root@localhost ~] # crontab-e-u root [root@localhost ~] # crontab-L30 * / usr/bin/sh / root/sysmon.sh

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.