#--------------------------------------------------------------
# If Internet access is available and gcc is installed,
# you can uncomment the following section to run it
#--------------------------------------------------------------
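# Optional step: download, build and run chkrootkit, appending its output to
# the report /var/tangfl/ir. Needs network access, make and gcc on this host.
#
# NOTE(review): the tarball is fetched over plain FTP, which gives neither
# integrity nor authenticity, and is then built and executed on the host under
# investigation. Set CHKROOTKIT_SHA256 (lowercase hex, obtained out-of-band)
# to have the download verified before it is unpacked. Building and scanning
# also write to the suspect disk and depend on the host's own binaries, which
# may have been replaced; a prebuilt copy on read-only media, pointed at
# trusted tools with "chkrootkit -p <dir>", is the safer choice.
if mkdir -p /var/tangfl/tmp && cd /var/tangfl/tmp; then
  ckr_ok=no
  if wget ftp://ftp.pangeia.com.br/pub/seg/pac/chkrootkit.tar.gz; then
    ckr_ok=yes
    if [ -z "${CHKROOTKIT_SHA256:-}" ]; then
      echo "Warning: CHKROOTKIT_SHA256 is not set, chkrootkit.tar.gz is unverified" >&2
    elif ! command -v sha256sum >/dev/null 2>&1; then
      echo "sha256sum not found, cannot verify chkrootkit.tar.gz; skipping chkrootkit" >&2
      ckr_ok=no
    else
      ckr_sum=$(sha256sum chkrootkit.tar.gz | cut -d' ' -f1)
      if [ "$ckr_sum" != "$CHKROOTKIT_SHA256" ]; then
        echo "chkrootkit.tar.gz does not match CHKROOTKIT_SHA256; skipping chkrootkit" >&2
        ckr_ok=no
      fi
    fi
  fi
  if [ "$ckr_ok" = yes ] && tar -zxvf chkrootkit.tar.gz; then
    rm -f ./chkrootkit.tar.gz
    for ckr_dir in chkrootkit*/; do
      # Run the scanner only from inside the extracted directory; if the cd
      # fails, nothing named ./chkrootkit from another location is executed.
      cd "$ckr_dir" || break
      # As before, the scan still runs when the build reports errors.
      make all
      echo " -------------------" >> /var/tangfl/ir
      echo "| Chkrootkit result |" >> /var/tangfl/ir
      echo " -------------------" >> /var/tangfl/ir
      ./chkrootkit >> /var/tangfl/ir
      printf '\n\n\n\n' >> /var/tangfl/ir
      break
    done
  fi
  # Absolute paths: a relative "cd ../ && rm -rf ./tmp" deletes whatever
  # ./tmp happens to be nearby when an earlier cd did not succeed.
  cd /var/tangfl && rm -rf /var/tangfl/tmp
else
  echo "Cannot use /var/tangfl/tmp; chkrootkit step skipped" >&2
fi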
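# List every file or directory literally named "..." and append the paths to
# the report. Such a name is easy to overlook next to "." and ".." in a
# directory listing, so its presence is worth reviewing.
# NOTE(review): the message also announces a suid search, but no suid search
# appears in this section.
# NOTE(review): walking the whole tree updates directory access times, so
# this runs before the access-time listing is captured further down.
echo -e "$cFG Info:$cNO Searching for ... and suid files, how long it takes depends on the amount of disk files"
echo " ---------------" >> /var/tangfl/ir
echo "| ... file list |" >> /var/tangfl/ir
echo " ---------------" >> /var/tangfl/ir
# Dots are not special in find's -name pattern, so '...' matches exactly
# that name; ASCII quotes replace the typographic ones, which the shell
# would have passed to find as part of the pattern.
find / -name '...' -print >> /var/tangfl/ir
printf '\n\n\n\n' >> /var/tangfl/ir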
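# Copy the system logs and the login accounting files into the collection
# directory /var/tangfl.
echo -e "$cFG Info:$cNO Dumping logs, you could do this work manually except for the large ones"
# -p keeps each file's mode, ownership and timestamps, so the copies still
# show when the logs were last written and stay as restricted as the
# originals.
cp -p /var/log/messages* /var/tangfl/
cp -p /var/log/secure* /var/tangfl/
cp -p /var/run/utmp /var/tangfl/utmp
cp -p /var/log/wtmp /var/tangfl/wtmp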
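# Record three recursive listings of the whole filesystem, one per timestamp
# that ls can report. Errors are appended to $errFile.
echo -e "$cFG Info:$cNO Dumping 3 timestamps for echo file under /"
cd /
echo -e "$cFG Info:$cNO Please wait,it will take several minutes..."
# ls time selectors: -u = last access (atime), -c = last inode status change
# (ctime), no selector = last content modification (mtime). None of them is a
# creation time, so despite the output names the "modification" file holds
# ctime and the "creation" file holds mtime. The names are left unchanged so
# existing procedures that read them keep working.
# -a is now used on all three listings; previously only the access listing
# included dot-files, hiding them from the other two.
# NOTE(review): the earlier full-disk passes in this script (find /,
# chkrootkit) have already touched access times by the time this runs.
ls -alRu >> /var/tangfl/access 2>>"$errFile"
ls -alRc >> /var/tangfl/modification 2>>"$errFile"
ls -alR >> /var/tangfl/creation 2>>"$errFile"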
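# Pack the collection directory into /var/tangfl/ir.tar.gz and tell the
# operator where to find it. Errors are appended to $errFile.
echo -e "$cFG Info:$cNO Compressing..."
# Stamp the report before archiving so the completion time is part of the
# archive rather than added to the report afterwards.
date +%Y-%m-%d/%H:%M >> /var/tangfl/ir
cd /var/tangfl/
# ./tangfl only exists relative to /var, so tar changes there with -C; from
# inside /var/tangfl the path does not resolve and nothing is archived. The
# archive itself is excluded because it is written into the same directory.
tar -cvf /var/tangfl/ir.tar --exclude=ir.tar -C /var ./tangfl 2>>"$errFile"
gzip ir.tar 2>>"$errFile"
# Print a digest so the archive can be checked again after it has been
# copied off this host.
if command -v sha256sum >/dev/null 2>&1; then
  sha256sum /var/tangfl/ir.tar.gz
fi
echo -e "$cFR Finished $cNO: check everything in /var/tangfl/ir.tar.gz!"
echo -e "$cFR Don't forget to exec ++ rm -rf /var/tangfl ++ before you leave!$cNO"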
#rm -f $0
#!/bin/sh
#
# NetworkManager: NetworkManager daemon
#
# chkconfig: - 98 02
# description: This is a daemon for automatically switching network \
# connections to the best available connection. \
#
# processname: NetworkManager
# pidfile: /var/run/NetworkManager/NetworkManager.pid
#
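# Stop the NetworkManager daemon.
# Globals:   pidfile, servicename (read); RETVAL (written)
# Outputs:   progress message on stdout
# Asks killproc to stop the process recorded in $pidfile and stores its exit
# status in RETVAL. The subsystem lock file and the pid file are removed only
# when killproc reports success.
stop()
{
  echo -n $"Stopping NetworkManager daemon: "
  # Quoted so that an empty value or one containing whitespace is passed as
  # a single argument and cannot shift the remaining arguments.
  killproc -p "$pidfile" "$servicename"
  RETVAL=$?
  echo
  if [ "$RETVAL" -eq 0 ]; then
    rm -f -- "/var/lock/subsys/$servicename"
    rm -f -- "$pidfile"
  fi
}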
# See how we were called.
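# Dispatch on the requested action. start, stop and status are functions
# defined outside this section; the script exits with RETVAL.
case "$1" in
  start)
    start
    ;;
  stop)
    stop
    ;;
  status)
    status -p "$pidfile" "$processname"
    RETVAL=$?
    ;;
  restart)
    stop
    start
    ;;
  condrestart)
    # Restart only if the subsystem lock file shows the service as running.
    if [ -f "/var/lock/subsys/$servicename" ]; then
      stop
      start
    fi
    ;;
  *)
    echo $"Usage: $0 {start|stop|status|restart|condrestart}"
    # An unknown action used to leave RETVAL untouched and could exit 0;
    # 2 is the LSB init-script status for invalid arguments.
    RETVAL=2
    ;;
esac
# Left unquoted on purpose: if RETVAL was never set, a bare "exit" returns
# the status of the last command, as it did before.
exit $RETVAL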