-1

I am researching how to set up a shell script to run Netstat commands on a UNIX server to scan for open ports. I want each command to run every 5 minutes over a 24-hour period and email me the findings.

Is this possible?

DavidMc

1 Answer

0

Sure it's possible.

Though on a UNIX machine, you may want to use something other than netstat (maybe sockstat would do better on a FreeBSD server?).

You'll have to do some setup to be able to send mails correctly (sendmail is already there on a FreeBSD server, but you'll certainly have to enable and configure it a little bit, or install and use another mail software; also, ensure the e-mails your server will be sending are "identified" by mechanisms like SPF and DKIM to avoid seeing them rejected by mail servers).

You can define a cron job to run the script as regularly as you want, every day, every minute.

Each of these steps requires some work! I'd proceed slowly, step by step.

zezollo
  • Thanks for your response. The problem I have is this will be used to check ports used/not used by web services which are not continuously running. So we may test the port and it's open at the time of testing but actually is assigned to an application. Does this make sense? – DavidMc Aug 03 '17 at 14:54
  • By application, you mean one of these web services? Then, if you're looking for open ports and they're open at the time of testing, I don't know how the script may guess it should not report them, apart from providing it with a list of exceptions (service names). Or define a "minimum open time" for a port before the script reports it. No idea if any of this is relevant, because I have no idea about the purpose of your reporting open ports (security?). And if your applications are not web services, then, why don't you use local ports for them? – zezollo Aug 04 '17 at 06:33
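
The approach discussed in this thread (a periodic netstat snapshot run from cron, an exception list, and a "minimum open time" before a port is reported), as an added example that is not part of any post above. The file paths, the mail address, the threshold of 3 runs and the function names are assumptions, and the parser only covers the Linux and BSD `netstat -an` TCP line formats.

```shell
#!/bin/sh
# Added example (not from the thread). Paths, address and MIN_SEEN are assumptions.
STATE=${STATE:-/var/tmp/portwatch.state}   # one "tcp/PORT COUNT" per line
ALLOW=${ALLOW:-/var/tmp/portwatch.allow}   # expected listeners, e.g. tcp/443
MIN_SEEN=${MIN_SEEN:-3}                    # 3 runs x 5 min: open for about 15 min
MAILTO=${MAILTO:-admin@example.com}        # placeholder address

# Read `netstat -an` output on stdin, print unique "tcp/PORT" for LISTEN sockets.
# Handles the Linux "addr:port" and BSD "addr.port" local-address formats.
listening_ports() {
    awk '$1 ~ /^tcp/ && $NF == "LISTEN" {
             n = split($4, a, "[.:]"); print "tcp/" a[n]
         }' | sort -u
}

# update_state STATE ALLOW MIN: current ports on stdin. Rewrites STATE with the
# number of consecutive runs each port has been open, and prints ports that have
# just reached MIN runs and are not in ALLOW (so each one is reported once).
update_state() {
    [ -f "$1" ] || : > "$1"; [ -f "$2" ] || : > "$2"
    tmp=$(mktemp) || return 1
    awk -v min="$3" -v out="$tmp" '
        FILENAME == ARGV[1] { seen[$1] = $2; next }   # counts from the last run
        FILENAME == ARGV[2] { ok[$1] = 1; next }      # allowlisted listeners
        { c = seen[$1] + 1; print $1, c > out         # closed ports drop out
          if (c == min && !($1 in ok)) print $1 }
    ' "$1" "$2" -
    mv "$tmp" "$1"
}

# Constructed sample mixing Linux and FreeBSD `netstat -an` line formats.
sample() { cat <<'EOF'
tcp        0      0 0.0.0.0:22       0.0.0.0:*        LISTEN
tcp6       0      0 :::8080          :::*             LISTEN
tcp4       0      0 *.443            *.*              LISTEN
tcp        0      0 10.0.0.5:22      10.0.0.9:51514   ESTABLISHED
EOF
}

main() {
    report=$(netstat -an | listening_ports | update_state "$STATE" "$ALLOW" "$MIN_SEEN")
    [ -z "$report" ] ||
        printf '%s\n' "$report" | mail -s "Listeners open $MIN_SEEN runs on $(hostname)" "$MAILTO"
}
# Vixie-style crontab entry: */5 * * * * /usr/local/bin/portwatch.sh --run
if [ "${1:-}" = "--run" ]; then main; fi
```

Because a port that closes between runs drops out of the state file, a listener has to be present in `MIN_SEEN` consecutive snapshots before it is mailed, and ports listed in the allow file are never mailed.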