X-Git-Url: http://ftp.carnet.hr/carnet-debian/scm?p=ossec-hids.git;a=blobdiff_plain;f=debian%2Fossec-hids%2Fvar%2Fossec%2Fagentless%2Fssh_pixconfig_diff;fp=debian%2Fossec-hids%2Fvar%2Fossec%2Fagentless%2Fssh_pixconfig_diff;h=0000000000000000000000000000000000000000;hp=edf992f8fb03dada5974425045b445d3b6ab8664;hb=946517cefb8751a43a89bda4220221f065f4e5d1;hpb=3f728675941dc69d4e544d3a880a56240a6e394a diff --git a/debian/ossec-hids/var/ossec/agentless/ssh_pixconfig_diff b/debian/ossec-hids/var/ossec/agentless/ssh_pixconfig_diff deleted file mode 100755 index edf992f..0000000 --- a/debian/ossec-hids/var/ossec/agentless/ssh_pixconfig_diff +++ /dev/null @@ -1,205 +0,0 @@ -#!/usr/bin/env expect - -# Agentless monitoring -# -# Copyright (C) 2009 Trend Micro Inc. -# All rights reserved. -# -# This program is a free software; you can redistribute it -# and/or modify it under the terms of the GNU General Public -# License (version 2) as published by the FSF - Free Software -# Foundation. - -if {$argc < 1} { - send_user "ERROR: ssh_pixconfig_diff \n"; - exit 1; -} - -# NOTE: this script must be called from within /var/ossec for it to work -set passlist "agentless/.passlist" -set hostname [lindex $argv 0] -set commands [lrange $argv 1 end] -set pass "x" -set addpass "x" -set timeout 20 - -if {[string compare $hostname "test"] == 0} { - if {[string compare $commands "test"] == 0} { - exit 0; - } -} - -# Read the password list -if [catch { - set in [open "$passlist" r] -} loc_error] { - send_user "ERROR: Password list not present (use \"register_host\" first).\n" - exit 1; -} - -while {[gets $in line] != -1} { - set me [string first "|" $line] - set me2 [string last "|" $line] - set length [string length $line] - - if {$me == -1} { - continue; - } - if {$me2 == -1} { - continue; - } - if {$me == $me2} { - continue; - } - - set me [expr $me-1] - set me2 [expr $me2-1] - - set host_list [string range $line 0 $me] - set me [expr $me+2] - set pass_list [string range $line $me $me2] - set me2 [expr $me2+2] - set addpass_list [string range $line $me2 $length] - - if {[string compare $host_list $hostname] == 0} { - set pass "$pass_list" - set addpass "$addpass_list" - break - } -} -close $in - -if {[string compare $pass "x"] == 0} { - send_user "ERROR: Password for '$hostname' not found.\n" - exit 1; -} - -# SSH to the box and pass the directories to check -if [catch { - spawn ssh -c des $hostname -} loc_error] { - send_user "ERROR: Opening connection: $loc_error.\n" - exit 1; -} - -expect { - "WARNING: REMOTE HOST" { - send_user "ERROR: RSA host key for '$hostname' has changed. Unable to access.\n" - exit 1; - } - "*sure you want to continue connecting*" { - send "yes\r" - expect "* password:*" { - send "$pass\r" - - expect { - "Permission denied" { - send_user "ERROR: Incorrect password to remote host: $hostname .\n" - exit 1; - } - timeout { - send_user "ERROR: Timeout while running on host (too long to finish): $hostname .\n" - exit 1; - } - "*>" { - send_user "\nINFO: Starting.\n" - } - } - } - } - "ssh: connect to host*" { - send_user "ERROR: Unable to connect to remote host: $hostname .\n" - exit 1; - } - "no address associated with name" { - send_user "ERROR: Unable to connect to remote host: $hostname .\n" - exit 1; - } - "*Connection refused*" { - send_user "ERROR: Unable to connect to remote host: $hostname .\n" - exit 1; - } - "*Connection closed by remote host*" { - send_user "ERROR: Unable to connect to remote host: $hostname .\n" - exit 1; - } - "*Password:*" { - send "$pass\r" - - expect { - "Permission denied" { - send_user "ERROR: Incorrect password to remote host: $hostname .\n" - exit 1; - } - timeout { - send_user "ERROR: Timeout while running on host (too long to finish): $hostname .\n" - exit 1; - } - "*>" { - send_user "INFO: Starting.\n" - } - } - } - timeout { - send_user "ERROR: Timeout while connecting to host: $hostname . \n" - exit 1; - } -} - -# Go into enable mode -send "enable\r" -expect { - "Password:" { - send "$addpass\r" - - expect { - "*asswor*" { - send_user "ERROR: Incorrect enable password to remote host: $hostname .\n" - exit 1; - } - "*rror in authenticatio*" { - send_user "ERROR: Incorrect enable password to remote host: $hostname .\n" - exit 1; - } - timeout { - send_user "ERROR: Timeout while going to enable mode on host: $hostname .\n" - exit 1; - } - "*#" { - send_user "ok on enable pass\n" - } - } - } - timeout { - send_user "ERROR: Timeout while running enable on host: $hostname .\n" - exit 1; - } -} - -# Send commands -set timeout 60 -send_user "\nSTORE: now\n" - -send "no pager\r" -send "term len 0\r" -send "terminal pager 0\r" - -# Exclude uptime from the output -send "show version | grep -v Configuration last| up\r" -send "show running-config\r" -send "$commands\r" -send "exit\r" - -expect { - timeout { - send_user "ERROR: Timeout while running commands on host: $hostname .\n" - exit 1; - } - eof { - send_user "\nINFO: Finished.\n" - exit 0; - } -} - -send_user "ERROR: Unable to finish properly.\n" -exit 1;