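#!/usr/bin/perl
##########################################################################
# $Id$
##########################################################################
# $Log: pix,v $
# Revision 1.4  2008/06/30 23:07:51  kirk
# fixed copyright holders for files where I know who they should be
#
# Revision 1.3  2008/03/24 23:31:26  kirk
# added copyright/license notice to each script
#
# Revision 1.2  2007/02/16 03:30:55  bjorn
# Change to Unix text, without CR/LF, by Ivana Varekova.
#
# Revision 1.1  2006/12/20 04:24:07  bjorn
# New script for cisco pix files, written by Bob Hendry.
#
##########################################################################

#######################################################
## Copyright (c) 2008 Bob Hendry
## Covered under the included MIT/X-Consortium License:
##    http://www.opensource.org/licenses/mit-license.php
## All modifications and contributions by other persons to
## this script are assumed to have been donated to the
## Logwatch project and thus assume the above copyright
## and licensing terms.  If you want to make contributions
## under your own copyright or a different license this
## must be explicitly stated in the contribution an the
## Logwatch project reserves the right to not accept such
## contributions.  If you have made significant
## contributions to this script and want to claim
## copyright please contact logwatch-devel@lists.sourceforge.net.
#########################################################

##########################################################################
# Logwatch service filter for Cisco PIX syslog messages.
#
# Input:  syslog lines on STDIN; only lines starting with the date pattern
#         returned by TimeFilter() are examined.
# Output: per-category hit counts on STDOUT (ACLs, actions, ICMP, SSH,
#         TELNET, FTP, DNS, NTP, SYSLOG).
# Env:    LOGWATCH_DEBUG        - >= 5 announces the filter on STDERR,
#                                 >= 30 echoes every examined line
#         LOGWATCH_DETAIL_LEVEL - read into $Detail (not used below)
#
# NOTE(review): every report key (ACL name, action, address) is copied
# straight from log fields and printed unescaped; treat the report as
# untrusted text wherever it is displayed.
##########################################################################

use Logwatch ':all';

##########################################################################
# Apply date for Cisco PIX
##########################################################################
use POSIX qw(strftime);
use Logwatch ':dates';

$SearchDate = TimeFilter('%b %e %H:%M:%S');

$Debug = $ENV{'LOGWATCH_DEBUG'} || 0;
$Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'} || 0;

if ( $Debug >= 5 ) {
   print STDERR "\n\nDEBUG: Inside PIX Filter \n\n";
   $DebugCounter = 1;
}

my ($month,$day,$time,$host,$process,$conn,$msg);

while (defined($ThisLine = <STDIN>)) {
   if ($ThisLine =~ m/^$SearchDate/o) { # added
      if ( $Debug >= 30 ) {
         print STDERR "DEBUG($DebugCounter): $ThisLine";
         $DebugCounter++;
      }

      ($month,$day,$time,$host,$process,$conn,$msg)=split(/ +/,$ThisLine,7);

      if ( ($ThisLine =~ /(ISDN-6-.+)/ ) or
           ($ThisLine =~ /Copyright/ ) or
           ($ThisLine =~ /Cisco Internetwork Operating System Software/ ) or
           ($ThisLine =~ /IOS \(tm\)/ ) or
           ($ThisLine =~ /TAC:Home:SW:IOS:Specials/ ) ) {
         # don't care about this, will code this later
      }
      elsif ( $ThisLine =~ /%PIX-4-106023:/) {
         # Packet denied by an access-group.
         $testline = $ThisLine;
         chomp $testline;
         $testline =~ s/^.*PIX-4-106023: Deny //;
         $testline =~ s/\[0x0, 0x0\]//;
         $testline =~ s/"/ /g;
         $testline =~ s/by access-group//;
         $testline =~ s/[:,]/ /g;
         $testline =~ s/\// /g;
         @testfields = split(' ',$testline);
         # The access-list name is the last field on the line.
         $accesslist = $testfields[$#testfields];
         $action = "Deny";
         $protocol = $testfields[0];
         if ($protocol =~ /(tcp|udp)/) {
            $source = $testfields[3];
            $destination = $testfields[7];
            $icmp_type = "";
            $count = 1;
            $source_ip = $testfields[3];
            $source_port = $testfields[4];
            $destination_ip = $testfields[7];
            # Was read from the never-populated @dfields, which left the
            # port undefined so denied SSH/TELNET attempts were never tallied.
            $destination_port = $testfields[8];
         } elsif ($protocol =~ /icmp/) {
            $source = $testfields[3];
            $destination = $testfields[7];
            $icmp_type = $testfields[8];
            $count = 1;
            $source_ip = $testfields[3];
            $destination_ip = $testfields[7];
         } elsif ($protocol =~ /41/) { #IPv6
            $source = $testfields[3];
            $destination = $testfields[7];
            $icmp_type = "";
            $count = 1;
            $source_ip = $testfields[3];
            $source_port = $testfields[4];
            $destination_ip = $testfields[7];
            # Same @dfields fix as in the tcp/udp branch above.
            $destination_port = $testfields[8];
         } else {
            $count = 0;
         }
         $ACL{$accesslist} += $count;
         $ACTION{$action} += $count;
         $packets += $count;
         if ( ($destination_port == 22) and ($protocol =~ /TCP|tcp/) ) {
            $SSH{$source_ip} += $count;
            $SSH_packets += $count;
         }
         if ( ($destination_port == 23) and ($protocol =~ /TCP|tcp/) ) {
            $TELNET{$source_ip} += $count;
            $TELNET_packets += $count;
         }
      }
      elsif ($ThisLine =~ /%PIX-6-106100:/) {
         # Access-list permit/deny hit.
         $testline = $ThisLine;
         chomp $testline;
         $testline =~ s/^.*%PIX-6-106100://;
         $testline =~ s/ ->//;
         $testline =~ s/[:,]/ /g;
         $testline =~ s/\// /g;
         $testline =~ s/[()]/ /g;
         @testfields = split(' ',$testline);
         $accesslist = $testfields[1];
         $action = $testfields[2];
         $protocol = $testfields[3];
         if ($protocol =~ /(TCP|UDP|tcp|udp)/) {
            $count = 1;
            $source_ip = $testfields[5];
            $source_port = $testfields[6];
            $destination_ip = $testfields[8];
            $destination_port = $testfields[9];
         } elsif ($protocol =~ /icmpv6/) {
            # not implemented
            # $count used to keep the previous line's value here, so an
            # icmpv6 entry inflated the totals by an unrelated amount.
            # Treat it like any other unhandled protocol.
            $count = 0;
         } else {
            $count = 0;
         }
         $ACL{$accesslist} += $count;
         $ACTION{$action} += $count;
         $packets += $count;
         if ( ($destination_port == 22) and ($protocol =~ /TCP|tcp/) ) {
            $SSH{$source_ip} += $count;
            $SSH_packets += $count;
         }
         if ( ($destination_port == 23) and ($protocol =~ /TCP|tcp/) ) {
            $TELNET{$source_ip} += $count;
            $TELNET_packets += $count;
         }
         if ( ($destination_port == 21) and ($protocol =~ /TCP|tcp/) ) {
            $FTP{$source_ip} += $count;
            $FTP_packets += $count;
         }
      }
      #Error Message %PIX|ASA-6-302013
      elsif ($ThisLine =~ /%PIX-6-302013: Built/) {
         # Remember the connection id so the matching teardown is counted.
         $testline = $ThisLine;
         chomp $testline;
         $testline =~ s/^.*%PIX-6-302013: Built//;
         $testline =~ s/[:,]/ /g;
         $testline =~ s/\// /g;
         $testline =~ s/[()]/ /g;
         @testfields = split(' ',$testline);
         $connection_id = $testfields[3];
         $CONNECTION_ID{$connection_id} = $connection_id;
      }
      #Error Message %PIX|ASA-6-302015
      elsif ($ThisLine =~ /%PIX-6-302015: Built/) {
         $testline = $ThisLine;
         chomp $testline;
         $testline =~ s/^.*%PIX-6-302015: Built//;
         $testline =~ s/[:,]/ /g;
         $testline =~ s/\// /g;
         $testline =~ s/[()]/ /g;
         @testfields = split(' ',$testline);
         $connection_id = $testfields[3];
         $CONNECTION_ID{$connection_id} = $connection_id;
      }
      #Error Message %PIX|ASA-6-302014
      elsif ($ThisLine =~ /%PIX-6-302014: Teardown/) {
         $testline = $ThisLine;
         chomp $testline;
         $testline =~ s/^.*%PIX-6-302014: Teardown//;
         $testline =~ s/[:,]/ /g;
         $testline =~ s/\// /g;
         $testline =~ s/[()]/ /g;
         @testfields = split(' ',$testline);
         $protocol = $testfields[0];
         $connection_id = $testfields[2];
         $count = 1;
         $source_ip = $testfields[5];
         $source_port = $testfields[6];
         $destination_ip = $testfields[11];
         $destination_port = $testfields[12];
         # Key lookup instead of a numeric ==: with ==, a missing or
         # non-numeric id compared equal to the undefined hash value (0 == 0)
         # and teardowns without a recorded "Built" line were counted.
         if (defined $connection_id and exists $CONNECTION_ID{$connection_id}) {
            if ( ($destination_port == 21) and ($protocol =~ /TCP|tcp/) ) {
               $FTP{$source_ip} += $count;
               $FTP_packets += $count;
            }
            if ( ($destination_port == 22) and ($protocol =~ /TCP|tcp/) ) {
               $SSH{$source_ip} += $count;
               $SSH_packets += $count;
            }
            if ( ($destination_port == 23) and ($protocol =~ /TCP|tcp/) ) {
               $TELNET{$source_ip} += $count;
               $TELNET_packets += $count;
            }
         }
      }
      #Error Message %PIX|ASA-6-302016
      elsif ($ThisLine =~ /%PIX-6-302016: Teardown/) {
         $testline = $ThisLine;
         chomp $testline;
         $testline =~ s/^.*%PIX-6-302016: Teardown//;
         $testline =~ s/[:,]/ /g;
         $testline =~ s/\// /g;
         $testline =~ s/[()]/ /g;
         @testfields = split(' ',$testline);
         $protocol = $testfields[0];
         $connection_id = $testfields[2];
         $count = 1;
         $source_ip = $testfields[5];
         $source_port = $testfields[6];
         $destination_ip = $testfields[11];
         $destination_port = $testfields[12];
         # Same key lookup as for 302014.
         if (defined $connection_id and exists $CONNECTION_ID{$connection_id}) {
            if ( ($source_port == 53) and ($protocol =~ /UDP|udp/) ) {
               $DNS{$source_ip} += $count;
               $DNS_packets += $count;
            }
            if ( ($source_port == 123) and ($protocol =~ /UDP|udp/) ) {
               $NTP{$source_ip} += $count;
               $NTP_packets += $count;
            }
            if ( ($source_port == 514) and ($protocol =~ /UDP|udp/) ) {
               $SYSLOG{$source_ip} += $count;
               $SYSLOG_packets += $count;
            }
         }
      }
      elsif ( $ThisLine =~ /%PIX-3-710003:/) {
         # Access to the device itself was denied.
         $testline = $ThisLine;
         chomp $testline;
         $testline =~ s/^.*%PIX-3-710003://;
         $testline =~ s/[:,]/ /g;
         $testline =~ s/\// /g;
         @testfields = split(' ',$testline);
         $accesslist = $testfields[4];
         $action = "denied";
         $protocol = $testfields[0];
         if ($protocol =~ /(TCP|UDP|tcp|udp)/) {
            $icmp_type = "";
            $count = 1;
            $source_ip = $testfields[6];
            $source_port = $testfields[7];
            $destination_ip = $testfields[10];
            $destination_port = $testfields[11];
         } elsif ($protocol =~ /icmpv6/) {
            $source_ip = $testfields[3];
            $source_port = 0;
            $destination_ip = $testfields[4];
            $destination_port = 0;
            $icmp_type = $testfields[5];
            $count = $testfields[6];
         } else {
            $count = 0;
         }
         $ACL{$accesslist} += $count;
         $ACTION{$action} += $count;
         $packets += $count;
         if ( ($destination_port == 22) and ($protocol =~ /TCP|tcp/) ) {
            $SSH{$source_ip} += $count;
            $SSH_packets += $count;
         }
      }
      #Error Message %PIX|ASA-6-302020
      elsif ($ThisLine =~ /%PIX-6-302020: Built ICMP connection for faddr/) {
         $testline = $ThisLine;
         chomp $testline;
         $testline =~ s/^.*%PIX-6-302020: Built ICMP connection for faddr//;
         $testline =~ s/[:,]/ /g;
         $testline =~ s/\// /g;
         $testline =~ s/[()]/ /g;
         @testfields = split(' ',$testline);
         # The first field after "faddr" doubles as the connection key.
         $connection_id = $testfields[0];
         $CONNECTION_ID{$connection_id} = $connection_id;
      }
      #Error Message %PIX|ASA-6-302021
      elsif ($ThisLine =~ /%PIX-6-302021: Teardown ICMP connection for faddr/) {
         $testline = $ThisLine;
         chomp $testline;
         $testline =~ s/^.*%PIX-6-302021: Teardown ICMP connection for faddr//;
         $testline =~ s/[:,]/ /g;
         $testline =~ s/\// /g;
         $testline =~ s/[()]/ /g;
         @testfields = split(' ',$testline);
         $connection_id = $testfields[0];
         $count = 1;
         $source_ip = $connection_id;
         # Key lookup: a numeric == would compare only the leading number
         # of a dotted address.
         if (defined $connection_id and exists $CONNECTION_ID{$connection_id}) {
            $ICMP{$source_ip} += $count;
            $ICMP_packets += $count;
         }
      }
      else {
         # Report any unmatched entries...
         chomp $ThisLine;
         $OtherList{$ThisLine}++;
      }
   }
}

# $IPV6_packets is never incremented above, so the "IPv6 Total" line is
# currently never printed; it is passed through unchanged.
print_hits("Access Control Lists", \%ACL, $packets, $IPV6_packets);
print_hits("Actions", \%ACTION, $packets, $IPV6_packets);
print_hits("ICMP Requests", \%ICMP, $ICMP_packets);
print_hits("SSH access", \%SSH, $SSH_packets);
print_hits("TELNET access", \%TELNET, $TELNET_packets);
print_hits("FTP access", \%FTP, $FTP_packets);
print_hits("DNS access", \%DNS, $DNS_packets);
print_hits("NTP access", \%NTP, $NTP_packets);
print_hits("SYSLOG access", \%SYSLOG, $SYSLOG_packets);

#if (keys %OtherList) {
#   print "\n**Unmatched Entries**\n";
#   foreach $line (sort {$OtherList{$b}<=>$OtherList{$a} } keys %OtherList) {
#      print " $line: $OtherList{$line} Time(s)\n";
#   }
#}

exit(0);

# Print one report section: a title, one line per key in sorted order, the
# section total and, when a positive IPv6 total is supplied, that as well.
# Prints nothing when the hash is empty.
sub print_hits {
   my ($title, $hits, $total, $ipv6_total) = @_;
   return unless keys %$hits;
   print "\n" . $title . ":\n";
   foreach my $key (sort keys %$hits) {
      print " " . $key . " : " . $hits->{$key} . " Hit(s)\n";
   }
   print " Total : " . $total . " Hit(s)\n";
   if (defined $ipv6_total and $ipv6_total > 0) {
      print " IPv6 Total : " . $ipv6_total . " Hit(s)\n";
   }
}

# vi: shiftwidth=3 tabstop=3 syntax=perl et
# Local Variables:
# mode: perl
# perl-indent-level: 3
# indent-tabs-mode: nil
# End: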