#!/bin/sh
## iptables 열고 싶은 포트를 먼저 적어준다.
## useradd 소속될 기본 그룹과 일반 그룹을 지정해 주어야 한다.
echo "1:종료 2:방화벽설정 3:사용자추가 4.모듈추가 5.시스템정보 6.SYN공격방어 7.SYN방어해제 8.서버종료"
echo "9:SCP복사 10:포트스캐닝 11:패킷DROP 12.PING막기"
OPTIONS="Quit iptables useradd insmod systemInfo SYNFloodON SYNFloodOFF shutdown scp portscan iptables2i pingoff"
echo "9:SCP복사 10:포트스캐닝 11:패킷DROP 12.PING막기"
OPTIONS="Quit iptables useradd insmod systemInfo SYNFloodON SYNFloodOFF shutdown scp portscan iptables2i pingoff"
select opt in $OPTIONS; do
if [ $opt = "Quit" ]; then
echo bye
exit
elif [ $opt = "iptables" ]; then
/sbin/iptables -F
/sbin/iptables -A INPUT -p tcp --dport 22 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 80 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 3306 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 21 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 20 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 143 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 6667 -j ACCEPT
/sbin/iptables -A INPUT -p udp --dport 6667 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 1:30000 -j DROP
/sbin/iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
echo "Done."
if [ $opt = "Quit" ]; then
echo bye
exit
elif [ $opt = "iptables" ]; then
/sbin/iptables -F
/sbin/iptables -A INPUT -p tcp --dport 22 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 80 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 3306 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 21 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 20 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 143 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 6667 -j ACCEPT
/sbin/iptables -A INPUT -p udp --dport 6667 -j ACCEPT
/sbin/iptables -A INPUT -p tcp --dport 1:30000 -j DROP
/sbin/iptables -A INPUT -p icmp --icmp-type echo-request -j DROP
echo "Done."
elif [ $opt = "useradd" ]; then
echo -n "Login name? "
read var_useradd1
echo -n "initial group? "
read var_useradd2
echo -n "member of... "
read var_useradd3
/usr/sbin/useradd $var_useradd1 -g $var_useradd2 -G $var_useradd3 -s /bin/bash
/usr/bin/passwd $var_useradd
echo "Done."
echo -n "Login name? "
read var_useradd1
echo -n "initial group? "
read var_useradd2
echo -n "member of... "
read var_useradd3
/usr/sbin/useradd $var_useradd1 -g $var_useradd2 -G $var_useradd3 -s /bin/bash
/usr/bin/passwd $var_useradd
echo "Done."
elif [ $opt = "insmod" ]; then
echo -n "Module name ? "
read var_insmod1
echo -n "Module I/O Address ? "
read var_insmod2
echo -n "Module IRQ ? "
read var_insmod3
/sbin/insmod io=$var_insmod2 irq=$var_insmod3 $var_insmod1
echo -n "Module name ? "
read var_insmod1
echo -n "Module I/O Address ? "
read var_insmod2
echo -n "Module IRQ ? "
read var_insmod3
/sbin/insmod io=$var_insmod2 irq=$var_insmod3 $var_insmod1
elif [ $opt = "systemInfo" ]; then
echo "PCI information to PCI_INFO.txt"
/sbin/lspci > PCI_INFO.txt
echo "Modules information to MOD_INFO.txt"
echo "PCI information to PCI_INFO.txt"
/sbin/lspci > PCI_INFO.txt
echo "Modules information to MOD_INFO.txt"
elif [ $opt = "shutdown" ]; then
echo -n "after? (minutes) "
read var_shutdown
echo "System shutdown after $var_shutdown minutes!!"
/sbin/shutdown -h +$var_shutdown System shutdown after $var_shutdown minutes!!
echo -n "after? (minutes) "
read var_shutdown
echo "System shutdown after $var_shutdown minutes!!"
/sbin/shutdown -h +$var_shutdown System shutdown after $var_shutdown minutes!!
elif [ $opt = "SYNFloodON" ]; then
echo "1" > /proc/sys/net/ipv4/tcp_syncookies
echo Done
echo "1" > /proc/sys/net/ipv4/tcp_syncookies
echo Done
elif [ $opt = "SYNFloodOFF" ]; then
/sbin/sysctl -w net.ipv4.tcp_syncookies=0
echo Done
/sbin/sysctl -w net.ipv4.tcp_syncookies=0
echo Done
elif [ $opt = "scp" ] ; then
echo "source file?(1 file)"
read var_scp
echo "logon ID? "
read var_scp0
echo "target host? "
read var_scp1
echo "target directory?(or Just Press Enter)"
read var_scp2
/usr/bin/scp $var_scp $var_scp0@$var_scp1:$var_scp2
echo Done
echo "source file?(1 file)"
read var_scp
echo "logon ID? "
read var_scp0
echo "target host? "
read var_scp1
echo "target directory?(or Just Press Enter)"
read var_scp2
/usr/bin/scp $var_scp $var_scp0@$var_scp1:$var_scp2
echo Done
elif [ $opt = "portscan" ]; then
echo "target IP or Domain? "
read var_portscan
/usr/bin/nmap -F -O $var_portscan
echo "target IP or Domain? "
read var_portscan
/usr/bin/nmap -F -O $var_portscan
elif [ $opt = "iptables2" ];then
echo "Host ? "
read var_iptables20
echo "1 : INPUT or 2 : OUTPUT ? (1 or 2) "
read var_iptables21
if [ $var_iptables21 = "1" ]; then
/sbin/iptables -A INPUT -s $var_iptables20 -j REJECT
elif [ $var_iptables21 = "2" ]; then
/sbin/iptables -A OUTPUT -d $var_iptables20 -j REJECT
else
echo "Wrong Number"
fi
elif [ $opt = "pingoff" ]; then
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
echo Done
else
clear
echo "Quit is 1"
fi
done
echo "Host ? "
read var_iptables20
echo "1 : INPUT or 2 : OUTPUT ? (1 or 2) "
read var_iptables21
if [ $var_iptables21 = "1" ]; then
/sbin/iptables -A INPUT -s $var_iptables20 -j REJECT
elif [ $var_iptables21 = "2" ]; then
/sbin/iptables -A OUTPUT -d $var_iptables20 -j REJECT
else
echo "Wrong Number"
fi
elif [ $opt = "pingoff" ]; then
echo 1 > /proc/sys/net/ipv4/icmp_echo_ignore_all
echo Done
else
clear
echo "Quit is 1"
fi
done
댓글 없음:
댓글 쓰기
국정원의 댓글 공작을 지탄합니다.