文件防篡改脚本第一版

文件防篡改脚本，一有文件被修改，立即发送报警短信。

 

#!/bin/bash
#description： check files shell
#author：coralzd powered by www.freebsdsystem.org
checkdir=/data/www/bbs.xxx.com

ipadd=`ifconfig |grep "inet" |cut -c 0-36|sed -e 's/[a-zA-Z: ]//g' |grep -v "127.0.0.1"`

while [ 1 ]
do
  DATE=`date +%Y-%m-%d.%H:%M:%S`
  find ${checkdir} \( -path ${checkdir}/forumdata/threadcaches -o -path  ${checkdir}/forumdata_1/threadcaches -o -path  ${checkdir}/forumdata_1/templates  -o -path ${checkdir}/f
orumdata_1/cache -o -path ${checkdir}/forumdata/dzwxuser -o -path ${checkdir}/p_w_uploads -o -path ${checkdir}/forumdata/cache -o -path ${checkdir}/forumdata/templates -o -path
${checkdir}/forumdata/dzwxuser -o -path ${checkdir}/dzwxuserid/cache -o -path ${checkdir}/forumdata_1 \) -prune -o -name "*php" -mmin -1 -print >/tmp/tmpdd
  SZ=`ls -la /tmp/tmpdd|awk '{print $5}'`
  if [ "${SZ}" -gt "2" ]; then
        SN=`cat /tmp/tmpdd`
    echo ${DATE} ${SN} >>/var/tmp/checkfile.log
    wget http://10.10.10.10/phpsms/smsu.php?phone=15012345678\&msg=%E7%95%99%E6%84%8F%EF%BC%9A${ipadd}_%E5%8F%AF%E8%83%BD%E5%87%BA%E7%8E%B0%E6%96%87%E4%BB%B6%E7%AF%A
1%E6%94%B9 -O /dev/null >/dev/null 2>&1
  fi
  sleep 60
done