定期对服务器进行扫描,将危险端口有开放的服务器记录日志或通过邮件、微信告警出来
先定义服务器列表 iplist:
10.10.0.50
10.10.0.51
10.10.0.52
....
检查端口过程如下:
#!/bin/bash for i in `awk '{print $1}' iplist`; do if [[ $(nmap $i -p 22 |grep open|grep -v grep|wc -l) -eq 1 ]];then echo $i 22 is up. else echo $i 22 is down. fi; done for i in `awk '{print $1}' iplist`; do if [[ $(nmap $i -p 80 |grep open|grep -v grep|wc -l) -eq 1 ]];then echo $i 80 is up. else echo $i 80 is down. fi; done