Security

check_listening_ports (edouard.lamoine)

Description:

A plugin that checks all listening ports and the services behind them, and verifies that these ports or services have been approved by the user.

Adds port-monitoring security to Nagios, showing whether any ports have been opened, possibly in a malicious way.

Done for MEVIA group: http://www.mevia.fr/

Tested under Ubuntu 10

Current Version

1.4

Last Release Date

2015-05-13

Compatible With

License

Other


Project Notes
Plugin made by Edouard Lamoine.

This plugin verifies that no unexpected ports are listening on the localhost.

Copy the plugin into the Nagios plugins directory.

Usage:

    ./check_listening_ports intput_your_authorized_ports_then_services_separed_by_spaces

Example without service information:

    check_listening_ports 80 25 5666 sshd mysqld

Example with service information:

    /usr/bin/sudo check_listening_ports 80 25 5666 sshd mysqld

Returns OK if all the currently listening ports, or the services behind them, have been passed as arguments; CRITICAL if any one of them has not been passed; UNKNOWN if no ports were specified.

For example, if a hacker opens port 984 for a hackerdaemon service and you didn't specify port 984 or service hackerdaemon in the command, the plugin will return "CRITICAL - Unexpected ports are listening: 984/hackerdaemon".

If you want to be informed of the services running behind unexpected ports, you'll have to give the Nagios user root access to the plugin. Add permissions in the sudoers file:

    visudo

Below the line:

    root ALL=(ALL:ALL) ALL

add:

    nagios ALL=(root) NOPASSWD: /usr/lib/nagios/plugins/check_listening_ports

Of course, be sure the Nagios user is allowed to access the plugin (use chmod to make it readable by the Nagios user).

Let me know if you experience any problem with it.

UPDATE 11/05/2015 v1.1: Fixed bug: sometimes unexpected listening ports appeared twice in the output string.

UPDATE #2 11/05/2015 v1.2: Optimized speed: now 2x faster.

UPDATE 13/05/2015 v1.3: Added service recognition; you can now specify allowed services, no matter their ports.

UPDATE #2 13/05/2015 v1.4: Fixed bug: services with SERVER, IDLE or PRIVATE details messed up all service recognition for their port.
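The allowlist comparison described in these notes, as an added example that is not the plugin's own code: a listener passes if either its port or its service name was given as an argument, duplicates are reported once, and the exit codes follow the Nagios convention (0 OK, 2 CRITICAL, 3 UNKNOWN). Assumptions: the input is in `netstat -tlnp` layout (TCP only), the function names and the OK/UNKNOWN message texts are made up for the example, and the sample listeners are constructed.

```shell
#!/bin/sh
# Added example, not the plugin's source. Listener lines in `netstat -tlnp`
# layout arrive on stdin; arguments are the approved ports and service names.
check_listeners() {
    if [ "$#" -eq 0 ]; then
        echo "UNKNOWN - No authorized ports specified"   # constructed message
        return 3
    fi
    unexpected=$(awk -v allow="$*" '
        BEGIN { n = split(allow, a, " "); for (i = 1; i <= n; i++) ok[a[i]] = 1 }
        $6 == "LISTEN" {
            port = $4; sub(/.*:/, "", port)        # 0.0.0.0:22 or :::80 -> port
            svc = $7
            sub(/^[0-9]+\//, "", svc)              # 812/sshd -> sshd
            sub(/:$/, "", svc)                     # "sshd:" -> sshd
            if (svc == "-") svc = ""               # no root: owner is hidden
            if (port in ok) next
            if (svc != "" && (svc in ok)) next
            key = port
            if (svc != "") key = port "/" svc
            if (key in seen) next                  # tcp + tcp6: report once
            seen[key] = 1
            if (out != "") out = out " "
            out = out key
        }
        END { print out }')
    if [ -n "$unexpected" ]; then
        echo "CRITICAL - Unexpected ports are listening: $unexpected"
        return 2
    fi
    echo "OK - All listening ports are authorized"       # constructed message
    return 0
}

# Constructed sample standing in for `netstat -tlnp` output.
sample_listeners() {
    cat <<'EOF'
Proto Recv-Q Send-Q Local Address   Foreign Address State  PID/Program name
tcp        0      0 0.0.0.0:22      0.0.0.0:*       LISTEN 812/sshd
tcp        0      0 127.0.0.1:3306  0.0.0.0:*       LISTEN 1033/mysqld
tcp6       0      0 :::80           :::*            LISTEN -
tcp        0      0 0.0.0.0:984     0.0.0.0:*       LISTEN 4242/hackerdaemon
tcp6       0      0 :::984          :::*            LISTEN 4242/hackerdaemon
EOF
}

sample_listeners | check_listeners 80 25 5666 sshd mysqld || echo "exit code: $?"
```

Any script run through the sudoers rule above executes as root without a password, so it should be owned by root and not writable by the Nagios user.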
Reviews (1)
useful
by tfdc, May 31, 2015

Works fine, thanks!




Project Stats
Rating
4.6 (7)
Favorites
1
Views
10,418