Skip to content
/ System-Networking-Admin Public

Unix commands for sysadmins. Notes from the book, "Networking for Systems Administrators" by Lucas. The "rootalert" directory contains python script that constantly polls the '/var/log/auth.log' logfile of a server to monitor when a user ssh or gains root access to the machine. And will send sms alert to the machine owner. Runs as systemd service.

0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

chimezdev/System-Networking-Admin

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
rootalert
rootalert
 
 
.gitignore
.gitignore
 
 
README.md
README.md
 
 
Vagrantfile
Vagrantfile
 
 
hellow.sh
hellow.sh
 
 
linux.txt
linux.txt
 
 
linux_intro.txt
linux_intro.txt
 
 
rootalert.jpg
rootalert.jpg
 
 

Repository files navigation

SSH/ROOT ALERT SCRIPT

The "rootalert folder" contains python script that sends sms alert when a user ssh into the server where this code is running as a systemd service or becomes a root user. This project idea is from David. Github

INSTALLATION

Setup Environment

python -m venv venv
venv\Scripts\activate
pip install -r requirements.txt

Run

provision an Amazon EC2 Linux server for this. Keep the project dir in the /root Using rsync, copy this project directory to your target linux server. rsync -avzhp --exclude rootalert/venv rootalert root@ec2_ip:/root/ If your are using a Windows OS run, scp -i imc.pem -r rootalert ubuntu@ec2_ip:/home/ubuntu

Ubuntu server setup

sudo apt-get -y update
sudo apt-get -y upgrade
sudo apt-get -y install virtualenv
virtualenv -p python3 venv
source venv/bin/activate
pip install -r requirements.txt

Use the secrets.env(create it here: /home/ubuntu/rootalert/secrets.env) file in the project directory to pass your secrets and reference it in the rootalert.service systemd unit file(create it in this path: /etc/systemd/system/rootalert.service).

VONAGE_API_KEY=YOUR_VONAGE_ACC_API_KEY
VONAGE_SECRET=ACCOUNT_API_SECRET
TARGET_PHONE_NUMBER=RECEIVER_PHONE_NUMBER
SOURCE_NUMBER=SOURCE

Copy this repo over, adjust paths in rootalert.service Copy rootalert.service to /etc/systemd/system/ into whichever target directory you want (probably multi-user)

systemctl list-unit-files
systemctl daemon-reload
systemctl start rootalert
systemctl enable rootalert
systemctl stop rootalert

Alert

About

Unix commands for sysadmins. Notes from the book, "Networking for Systems Administrators" by Lucas. The "rootalert" directory contains python script that constantly polls the '/var/log/auth.log' logfile of a server to monitor when a user ssh or gains root access to the machine. And will send sms alert to the machine owner. Runs as systemd service.

Topics

python networking systemd bash-scripting systemadministration

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages