Security

check_defacement

Write a Review

Description:

This plugin check for a potential website defacement.
The script curl the provided url and compare it with the previous curl. Several tests can be made, the default one is calculating how many pecentage of code have been changed since last check.

Current Version

1.0

Last Release Date

2015-11-30

Compatible With

  • Nagios 3.x
  • Nagios 4.x

Owner

ensmm

License

GPL

Copy Page Link Recommend Contact Owner Login to Add to Favorites
Project Files
FileDescription
check_defacement.sh
Project Notes
Script language : Bash Usage : ./check_defacement.sh -u [URL] -{OPTIONS} [URL] (STRING - required) Url must be provided without http:// or https:// {OPTIONS} -w WARNING -c CRITICAL (INTEGER) Default check, calculating a percentage of changed code since last check, based on code lines changed. Default values: 5 for WARNING and 10 for CRITICAL -m MD5 checksum test, if checksum of curled url have changed since last check, CRITICAL state. -k KEYWORD (STRING) If provided keyword is not present in website code, CRITICAL state. -l FILE (STRING) File with defacement words/phrases (one per line). You can create a file with words and phrases with defacement vocabulary (hack, money,...). CRITICAL state if defacement vocabulary found in code. -p PROXY:PORT (STRING) -s Use SSL for connection (https) -h Help -V Version In case of WARNING or CRITICAL states, a time stamped backup of curled url is created in dump directory (default /tmp) for investigations.
Reviews (0) Add a Review
Page Sections
Project Overview Project Files Project Notes Reviews
Project Stats
Rating
0 (0)
Favorites
0
Views
7,932