Re: [SLUG] Someone in my computer

From: Tevfik Yücek (tevfik.yucek@gmail.com)
Date: Fri Aug 27 2004 - 21:38:43 EDT


On Wed, 25 Aug 2004 22:03:11 -0400 (EDT), Eben King
<eben1@tampabay.rr.com> wrote:
> On Wed, 25 Aug 2004, Tevfik Yucek wrote:
>
> > I have a question: I want to run chkrootkit every day. I put the
> > following line in my cron file:
> >
> > cd /path/to/chkrootkit; ./chkrootkit 2>&1 | mail -s "chkrootkit output" myemail
> >
> > It works fine, however, I don't want to get e-mails every day. I want
> > to send the email only if the output of chkrootkit has the word
> > "INFECTED" in it. Can someone help me on this?
>
> Maybe have a script /usr/local/bin/yourscript which does something like
>
> cd /path/to/chkrootkit
> ( date ; ./chkrootkit ) > chkrootkit-output 2>&1
> grep -q INFECTED chkrootkit-output && mail -s "chkrootkit output" myemail
>
> then run it daily (or whatever) from crontab.

Thanks Eben,

I had to make a small change to your script:

cd /usr/local/src/chkrootkit
( date ; ./chkrootkit ) > chkrootkit-output 2>&1
grep -q INFECTED chkrootkit-output && (cat chkrootkit-output | mail -s "chkrootkit output" mymailaddress)

I put it in /etc/cron.daily. Last time I was lucky to see that guy.

I've reinstalled the whole system.

Thanks to everybody for their help again,
Tevfik

-- 
"If you really want something in this life, you have to work for it.
Now, quiet! They're about to announce the lottery numbers..."
- Homer Simpson
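
The alert-only-on-INFECTED job discussed in this thread, as an added example that is not part of the original messages: it also mails when the scanner could not be started, so a scan that never ran is not read as a clean result. The variable names, their defaults and the "run" argument are assumptions; call it from crontab as, for example, /usr/local/bin/yourscript run.

```shell
#!/bin/sh
# Added example, not the script from the thread. These defaults are assumptions.
CHKDIR=${CHKDIR:-/usr/local/src/chkrootkit}   # directory holding chkrootkit
SCANNER=${SCANNER:-./chkrootkit}              # run from inside CHKDIR
MAILTO=${MAILTO:-root}
MAILER=${MAILER:-mail}

# verdict REPORT SCAN_RC: print "infected", "error" or "clean".
verdict() {
    if grep -q 'INFECTED' "$1"; then
        # Clean tests print lowercase "not infected", so this case-sensitive
        # match only fires on a positive result.
        echo infected
    elif [ "$2" -eq 126 ] || [ "$2" -eq 127 ]; then
        # 126/127: the scanner could not be executed or found. Without this
        # branch a scan that never ran is indistinguishable from a clean one.
        echo error
    else
        echo clean
    fi
}

# run_check: returns 0 if clean, 1 if an alert was mailed, 2 if mktemp failed.
run_check() {
    report=$(mktemp) || return 2     # private, unpredictable file name
    scan_rc=0
    # Redirect to the file first, then point stderr at it, so both are captured.
    ( cd "$CHKDIR" || exit 127; date; "$SCANNER" ) >"$report" 2>&1 || scan_rc=$?
    result=$(verdict "$report" "$scan_rc")
    rc=0
    if [ "$result" != clean ]; then
        "$MAILER" -s "chkrootkit: $result on $(uname -n)" "$MAILTO" <"$report"
        rc=1
    fi
    rm -f "$report"
    return "$rc"
}

# Scan only when invoked with "run"; otherwise the file only defines functions.
if [ "${1:-}" = run ]; then run_check; fi
```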