While the whole issue was talking about web security, I thought of writing something on the same lines
In this issue of command line gyan, we’ll see how we can monitor our websites automatically so as to get notified if anyone defaces it. Nothing very great in this and there are a lot of services giving this feature in cheap, but the fun is to write your own dirty little script to help you. So here it goes
We are going to use few tiny commands of Linux to make our monitoring utility
- Wget – it downloads a file from web
- Mail – it sends mail
- Cron – it runs scheduled task repetitively
- Grep – our best text search friend
So now we’ll see how we can use them together to achieve our objective
Will download the homepage of CHMag website. This will produce some verbose noise, so we can use wget –q to run in quite mode
grep “Welcome to CHMag”
Will search for the text Now if we club them together
wget –q http://chmag.in | grep “Welcome to CHMag”
This will download the homepage & search for the text.
No this will not 🙂
This will download the file & grep will not get anything. So we’ll have to redirect the output of wget to standard output & then grep it
This makes the command to look like
wget –q –O - http://chmag.in | grep “Welcome to CHMag"
Now suppose the website is not available due to some web attack which may include DOS, complete homepage defacement, server crash or In such cases you’ll not be able to download the actual page with your text on it and we can use that logic to create an alert.
So now we have added a “if”, “then”, “else” logic here
if [[ `wget -q -O - http://chmag.in/ | grep "Welcome to CHMag"` == "" ]]; then echo .Something is wrong. ; fi
OK perfect, this helps. But do we need to run it every time we need to check the website?
No, let’s put this in cron job & make a mail alert
Simply create a new CRON entry which looks like this
MAILTOemail@example.com 10 * * * * if [[ `wget -q -O - http://chmag.in/|grep "Welcome to CHMag"` == "" ]]; then echo .Something is Wrong.; fi
Now your cron task will run 10th minute of every hour and send you a mail if anything is wrong with the website.
This is just a brain teaser for you, you can use your own imagination now to twist it to suit your need better.
This will not work if only a part of your website is defaced leaving around your original text, such as someone managing to write a malicious post on your blog by getting SQL injection or some other web attack somehow, not deleting the core content. In such cases you can look for specific words such as “hacked” & then raise an alert. CHMag for sure can’t use this keyword & you know why.
Sorry, the work is not that easy here. I haven’t tried a lot on windows cause such things suits on a linux environment only.
Having said that let me tell you that it’s not impossible to use it on windows.
Best one would be cygwin 😀
Wget windows binary
Grep can be replaced by “find” command (tedious job here)
Tools like “bmail” can be used to send mails from command line in windows
Schedule tasks can also be created
So now it’s your homework to create a windows alternative to this Linux fun monitoring job & send us an article, we’ll cover the same in our next issue
Happy monitoring 🙂