diff options
Diffstat (limited to 'contrib/aix/check_failed')
-rw-r--r-- | contrib/aix/check_failed | 48 |
1 files changed, 48 insertions, 0 deletions
diff --git a/contrib/aix/check_failed b/contrib/aix/check_failed new file mode 100644 index 00000000..50cdf7e1 --- /dev/null +++ b/contrib/aix/check_failed | |||
@@ -0,0 +1,48 @@ | |||
1 | #!/usr/bin/perl | ||
2 | #====================== | ||
3 | # Created May 25, 2000 | ||
4 | #====================== | ||
5 | |||
6 | # This scripts is for checking for failed root login attempts on | ||
7 | # any machine running AIX which has a failedlogin file in /etc/security | ||
8 | # The purpose is to thwart (good word) any unauthorised people from | ||
9 | # even trying to log in as root. This plugin has been developed for Nagios | ||
10 | # running on AIX. | ||
11 | # Lonny Selinger SpEnTBoY lonny@abyss.za.org | ||
12 | # May | ||
13 | |||
14 | |||
15 | my $server = $ARGV[0]; | ||
16 | |||
17 | if (!$ARGV[0]) { | ||
18 | print "You must specify a server to check\n"; | ||
19 | print "usage: ./check_failed <Server Name>\n"; | ||
20 | exit (-1); | ||
21 | } else { | ||
22 | open (DATE, "/bin/date '+%b %d' |"); | ||
23 | while (<DATE>) { | ||
24 | $dline = $_; | ||
25 | @dresults = $dline; | ||
26 | chop $dresults[0]; | ||
27 | } | ||
28 | open (SULOG, "rsh $server -l root who /etc/security/failedlogin | grep root |"); | ||
29 | while (<SULOG>) { | ||
30 | $line = $_; | ||
31 | @results = split (/\s+/,$line); | ||
32 | if ($line =~ /^root/) { | ||
33 | if (join(' ', @results[2,3]) eq $dresults[0]) { | ||
34 | print "FAILED root login on $dresults[0], node: $ARGV[0] from $results[5]\n"; | ||
35 | exit(2); | ||
36 | } | ||
37 | } | ||
38 | } | ||
39 | } | ||
40 | if (join(' ', @results[2,3]) ne $dresults[0]) { | ||
41 | print "No Failed Root Logins on This Node\n"; | ||
42 | exit(0); | ||
43 | } | ||
44 | exit(0); | ||
45 | close(SULOG); | ||
46 | close(DATE); | ||
47 | |||
48 | |||