如何实现脚本SSH登录邮件报警
发表于:2024-10-01 作者:千家信息网编辑
千家信息网最后更新 2024年10月01日,本篇内容主要讲解"如何实现脚本SSH登录邮件报警",感兴趣的朋友不妨来看看。本文介绍的方法操作简单快捷,实用性强。下面就让小编来带大家学习"如何实现脚本SSH登录邮件报警"吧!登录保护是一个非常重要的
千家信息网最后更新 2024年10月01日如何实现脚本SSH登录邮件报警
本篇内容主要讲解"如何实现脚本SSH登录邮件报警",感兴趣的朋友不妨来看看。本文介绍的方法操作简单快捷,实用性强。下面就让小编来带大家学习"如何实现脚本SSH登录邮件报警"吧!
登录保护是一个非常重要的环节,下面通过图文并茂的方式给大家详细讲解下:
前两天@cyy 给我发了一个图
然后我就想到USHQ的ssh登录app通知功能,然后就像如果把这个部署到自用的服务器就好了。至少多一层安全系数。
首先要感谢@Legion 帮忙搞定了几个错误以及搞定了Geo2IP的JSON转换。 (P.S.此人为自动化运维大神级人物,现任职于德国一数据统计企业。)
当然,我和他相比我就是战五渣了...大家一定要多向 @Legion 学习啊~~
说下需要做的准备:
sendmail或者Postfix
php
bash
CentOS/Debian/Ubuntu
若你的生产环境中没有php sendmail Postfix等组件,请移步:
@Legion: Linux之使用shell脚本实现ssh登录报警
参考文件
首先是报警脚本文件
Shell
#!/bin/sh########################################################################## File Name: Login-alert.sh# Author: Jason# Email: master#deamwork.com# Created Time: Tue Jul 21 2015 21:23:16 PM CST ##########################################################################require jq#wget http://stedolan.github.io/jq/download/linux64/jq -O /usr/local/bin/jq#chmod +x /usr/local/bin/jq#if error, please # following one#PATH=/usr/local/nginx/sbin:/usr/local/php/bin:/usr/local/mysql/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin#Geo2IP by Legion(http://www.dwhd.org/)eval `curl -s "http://ip.taobao.com/service/getIpInfo.php?ip=${SSH_CLIENT%% *}" | jq . | awk -F':|[ ]+|"' '{if($3~/^(country|area|region|city|isp)$/){print $3"="$7}}'`#html mail contentcat >> mail-no-base64.html <mail-base64.html#使用Sendmail#sendmail -t >/dev/null 2>&1 < #subject:[`hostname`]服务器登录告警#`cat mail-no-base64.html`#EOF#使用postfix#cat >> mail.php < #EOF#使用 SMTP (require smtp-class.php)cat >> mail.php < debug = TRUE;\$smtp->sendmail(\$smtpemailto, \$smtpusermail, \$mailsubject, \$mailbody, \$mailtype); ?>EOFphp mail.phpyes y | rm mail-no-base64.html mail-base64.html mail.php
然后是如何触发这个脚本:
Shell
代码如下:
echo "screen -fa -d -m -S WL /etc/Login-alert.sh" >> /etc/profile
用这种方法, 新开终端或者复制终端都会触发报警
如果使用smtp方式,请保存以下文件为smtp-class.php
PHP
debug = FALSE; $this->smtp_port = $smtp_port; $this->relay_host = $relay_host; $this->time_out = 30; //is used in fsockopen() $this->auth = $auth;//auth $this->user = $user; $this->pass = $pass; $this->host_name = "localhost"; //is used in HELO command $this->log_file = ""; $this->sock = FALSE;} /* Main Function */ function sendmail($to, $from, $subject = "", $body = "", $mailtype, $cc = "", $bcc = "", $additional_headers = "") { $mail_from = $this->get_address($this->strip_comment($from)); $body = ereg_replace("(^|(\r\n))(\.)", "\1.\3", $body); $header .= "MIME-Version:1.0\r\n"; if($mailtype=="HTML") { $header .= "Content-Type: text/html; charset=\"utf-8\"" . "\r\n"; $header .= "Content-Transfer-Encoding: base64" . "\r\n"; } $header .= "To: ".$to."\r\n"; if ($cc != "") { $header .= "Cc: ".$cc."\r\n"; } $header .= "From: $from<".$from.">\r\n"; $header .= "Subject: ".$subject."\r\n"; $header .= $additional_headers; $header .= "Date: ".date("r")."\r\n"; $header .= "X-Mailer:By TianhaiTech (PHP/".phpversion().")\r\n"; list($msec, $sec) = explode(" ", microtime()); $header .= "Message-ID: <".date("YmdHis", $sec).".".($msec*1000000).".".$mail_from.">\r\n"; $TO = explode(",", $this->strip_comment($to)); if ($cc != "") { $TO = array_merge($TO, explode(",", $this->strip_comment($cc))); } if ($bcc != "") { $TO = array_merge($TO, explode(",", $this->strip_comment($bcc))); } $sent = TRUE; foreach ($TO as $rcpt_to) { $rcpt_to = $this->get_address($rcpt_to); if (!$this->smtp_sockopen($rcpt_to)) { $this->log_write("Error: Cannot send email to ".$rcpt_to."\n"); $sent = FALSE; continue; } if ($this->smtp_send($this->host_name, $mail_from, $rcpt_to, $header, $body)) { $this->log_write("E-mail has been sent to <".$rcpt_to.">\n"); } else { $this->log_write("Error: Cannot send email to <".$rcpt_to.">\n"); $sent = FALSE; } fclose($this->sock); $this->log_write("Disconnected from remote host\n"); } return $sent; } /* Private Functions */ function smtp_send($helo, $from, $to, $header, $body = "") { if (!$this->smtp_putcmd("HELO", $helo)) { return $this->smtp_error("sending HELO command"); } #auth if($this->auth) { if (!$this->smtp_putcmd("AUTH LOGIN", base64_encode($this->user))) { return $this->smtp_error("sending HELO command"); } if (!$this->smtp_putcmd("", base64_encode($this->pass))) { return $this->smtp_error("sending HELO command"); } } if (!$this->smtp_putcmd("MAIL", "FROM:<".$from.">")) { return $this->smtp_error("sending MAIL FROM command"); } if (!$this->smtp_putcmd("RCPT", "TO:<".$to.">")) { return $this->smtp_error("sending RCPT TO command"); } if (!$this->smtp_putcmd("DATA")) { return $this->smtp_error("sending DATA command"); } if (!$this->smtp_message($header, $body)) { return $this->smtp_error("sending message"); } if (!$this->smtp_eom()) { return $this->smtp_error("sending. [EOM]"); } if (!$this->smtp_putcmd("QUIT")) { return $this->smtp_error("sending QUIT command"); } return TRUE; } function smtp_sockopen($address) { if ($this->relay_host == "") { return $this->smtp_sockopen_mx($address); } else { return $this->smtp_sockopen_relay(); } } function smtp_sockopen_relay() { $this->log_write("Trying to ".$this->relay_host.":".$this->smtp_port."\n"); $this->sock = @fsockopen($this->relay_host, $this->smtp_port, $errno, $errstr, $this->time_out); if (!($this->sock && $this->smtp_ok())) { $this->log_write("Error: Cannot connenct to relay host ".$this->relay_host."\n"); $this->log_write("Error: ".$errstr." (".$errno.")\n"); return FALSE; } $this->log_write("Connected to relay host ".$this->relay_host."\n"); return TRUE;; } function smtp_sockopen_mx($address) { $domain = ereg_replace("^.+@([^@]+)$", "\1", $address); if (!@getmxrr($domain, $MXHOSTS)) { $this->log_write("Error: Cannot resolve MX \"".$domain."\"\n"); return FALSE; } foreach ($MXHOSTS as $host) { $this->log_write("Trying to ".$host.":".$this->smtp_port."\n"); $this->sock = @fsockopen($host, $this->smtp_port, $errno, $errstr, $this->time_out); if (!($this->sock && $this->smtp_ok())) { $this->log_write("Warning: Cannot connect to mx host ".$host."\n"); $this->log_write("Error: ".$errstr." (".$errno.")\n"); continue; } $this->log_write("Connected to mx host ".$host."\n"); return TRUE; } $this->log_write("Error: Cannot connect to any mx hosts (".implode(", ", $MXHOSTS).")\n"); return FALSE; } function smtp_message($header, $body) { fputs($this->sock, $header."\r\n".$body); $this->smtp_debug("> ".str_replace("\r\n", "\n"."> ", $header."\n> ".$body."\n> ")); return TRUE; } function smtp_eom() { fputs($this->sock, "\r\n.\r\n"); $this->smtp_debug(". [EOM]\n"); return $this->smtp_ok(); } function smtp_ok() { $response = str_replace("\r\n", "", fgets($this->sock, 512)); $this->smtp_debug($response."\n"); if (!ereg("^[23]", $response)) { fputs($this->sock, "QUIT\r\n"); fgets($this->sock, 512); $this->log_write("Error: Remote host returned \"".$response."\"\n"); return FALSE; } return TRUE; } function smtp_putcmd($cmd, $arg = "") { if ($arg != "") { if($cmd=="") { $cmd = $arg; } else { $cmd = $cmd." ".$arg; } } fputs($this->sock, $cmd."\r\n"); $this->smtp_debug("> ".$cmd."\n"); return $this->smtp_ok(); } function smtp_error($string) { $this->log_write("Error: Error occurred while ".$string.".\n"); return FALSE; } function log_write($message) { $this->smtp_debug($message); if ($this->log_file == "") { return TRUE; } $message = date("M d H:i:s ").get_current_user()."[".getmypid()."]: ".$message; if (!@file_exists($this->log_file) || !($fp = @fopen($this->log_file, "a"))) { $this->smtp_debug("Warning: Cannot open log file \"".$this->log_file."\"\n"); return FALSE;; } flock($fp, LOCK_EX); fputs($fp, $message); fclose($fp); return TRUE; } function strip_comment($address) { $comment = "\([^()]*\)"; while (ereg($comment, $address)) { $address = ereg_replace($comment, "", $address); } return $address; } function get_address($address) { $address = ereg_replace("([ \t\r\n])+", "", $address); $address = ereg_replace("^.*<(.+)>.*$", "\1", $address); return $address; } function smtp_debug($message) { if ($this->debug) { echo $message; } }}
?>
实现效果:
到此,相信大家对"如何实现脚本SSH登录邮件报警"有了更深的了解,不妨来实际操作一番吧!这里是网站,更多相关内容可以进入相关频道进行查询,关注我们,继续学习!
登录
脚本
报警
邮件
文件
服务器
学习
服务
内容
方式
方法
终端
实用
更深
重要
安全
安全系数
人物
代码
兴趣
数据库的安全要保护哪些东西
数据库安全各自的含义是什么
生产安全数据库录入
数据库的安全性及管理
数据库安全策略包含哪些
海淀数据库安全审计系统
建立农村房屋安全信息数据库
易用的数据库客户端支持安全管理
连接数据库失败ssl安全错误
数据库的锁怎样保障安全
怎么写软件开发用户手册
上海志愿者活动数据库
杭州讯马网络技术有限公司
局域网内无法访问数据库
智慧住建软件开发商
数据库 重建索引
数据库刚写入的数据不可读
数据库双主冲突
jsp中向数据库添加数据
vba获取数据存入数据库
耐药数据库card下载
cmd切换数据库
未来教育网络技术第十题
密云数据库安全防护系统
软件开发找工作需要询问什么
加大网络安全制度宣传
用什么软件登录阿里云服务器
cop生物多样性网络安全
武汉诚铭网络技术有限公司
支付宝实用的网络技术
删除数据库后台
dhcp服务器租期到期掉线
2k21连接服务器错误代码
四川语音网络技术分类市场价
软件开发对接facebook
网络安全产品apt
php服务器教程视频学习
网络安全龙头 国民技术
后台可以访问数据库吗
人才数据库建设