Port Monitoring bash script
Hi guys,
I'm trying to learn better at bash scripting. I'm trying to write a script that monitors ports (ie. 80, 25, 53, 443, 143, 110, etc..) in bash. So I have server A that checks the ports on server B. Essentially, if server B's DNS went down it would spot that port 53 is no longer listening and would fire an e-mail to the admin. How does one do this? The only way I can think of is to run nmap from server A to server B and if it doesn't see port 53, then the e-mail would be sent to the admin (myself). Is this efficient or am I missing something that is more sensible/clear? I know nagios can monitor but I'm trying to write stuff like this myself so I have a better understanding of bash and its style. Any help is greatly appreciated. Thanks! -twantrd |
I think nmap is the obvious choice. "netcat" (nc) could do it probably also, but more difficult for UPD (e.g. DNS servers, though many also do tcp IIRC).
To test for UPD/25 (for nmap's to do UDP you need to be root, and specify -sU): Code:
#!/bin/bash |
Hi, thanks for the help! However, don't some ISP's get really mad (and possibly could ban you) if they detect that you are port scanning at a regular basis?
-twantrd |
You can also use the dig command to test a dns server :
dig @dns.serverb.net google.com A |
True.
If it's only for DNS, forget nmap. |
Well, that could be the case. However, you're only probing one port, and if you don't run it too often, it should be no problem IMHO.
Probing only one port isn't really scanning. Think about it: a normal DNS-lookup request is very normal to happen. On the other hand, nmap uses unusual packets (empty). Use -sT option for most normal TCP packets. |
However, I'm trying to monitor multiple ports using bash script. I could do a dig @<server B> <some domain name> but how could I monitor port 25 (smtp) and pop3 (110)?
-twantrd |
telnet yourhost.com 25 and telnet yourhost.com 110 ?
|
Yea, I was thinking of that too :). But then, how would you get out of say 'telnet myhost.com 25' because it would be stuck there until you hit a ctrl-] to display a telnet prompt. Is there a way to execute ctrl-] in bash?
-twantrd |
hi twantrd,
then try "netcat -z", that does nothing but connecting-sending nothing-disconnecting e.g. like this Code:
host=your.favouritehost.com bruce |
Thank you BRUCE! Works like a champ. Now I gotta figure out how to mail me the list of connections that were down? What I can think of is redirecting the list of 'down' connections to a file and mailing me that file. Any suggestions on how to do this to make it simplier? If you can't, that's fine...that netcat command is awesome. THANKS again!!
-twantrd |
hi twantrd,
if you need compressed output you could add up the ports that were detected down in one variable or in a bash array if you need it for later processing in the same script and then mail the contents of that variable or that array to you e.g. like this Code:
host=your.favouritehost.com So long... bruce |
apologies.
howto pull out listof hosts/ip addresses from a file and check it using the above script? |
apologies.
howto pull out listof hosts/ip addresses from a file and check it using the above (bruce_ford)script? |
Wow, this thread is 5 years old :)! I'm glad you searched for answers to your problem instead of posting a new thread.
If the file containing the list of ports is "port.txt", then Code:
for $port in `cat port.txt` |
All times are GMT -5. The time now is 10:41 AM. |