#!/bin/bash
for ((i=1;i<=254;i++))
do
ip=192.168.1.$i
ping $ip -c 1 |grep -q ‘ttl=’ && echo “$ip” >> alive.txt
done
#!/bin/bash
groupadd websphere
for user in app1 app2 app3 app4
do
useradd -g websphere -s /sbin/nologin -d /dev/null $user
(echo $user;echo $user) | smbpasswd -s -a $user
done
cat access.log |awk ‘{print $1}’|sort |uniq -c |sort -nr |head -10
#!/bin/sh
for i in 1 3 5 7 10
do
j=3
while (( “$j” > “$i” ))
do
if [ “$i” -gt 1 ]; then
break
fi
echo -n ” ”
let “j–”
done
k=1
while (( “$k” <= “$i” ))
do
echo -n “*”
let “k++”
done
echo ” ”
done
#!/bin/bash
m=1
for ((i=1;i<=100;i++))
do
#temp1
let “temp1=i%7”
if [ “$temp1” -ne 0 ]; then
continue
fi
#
echo -n “$i ”
#temp2
let “temp2=m%7”
#7
if [ “$temp2″ -eq 0 ]; then
echo ” ”
fi
let “m++”
done
#!/bin/bash
echo “”This is a system initialization script, careful”
input_fun()
{
OUTPUT_VAR=$1
INPUT_VAR=””
while [ -z $INPUT_VAR ];do
read -p “$OUTPUT_VAR” INPUT_VAR
done
echo $INPUT_VAR
}
input_again()
{
MYHOSTNAME=$(input_fun “please input the hostname:”)
DOMAINNAME=$(input_fun “please input the domainname:”)
CARD_TYPE=$(input_fun “please input card type(eth0):”)
IPADDR=$(input_fun “please input ip address(192.168.100.1):”)
NETMASK=$(input_fun “please input netmask(255.255.255.0):”)
GATEWAY=$(input_fun “please input gateway(192.168.100.1):”)
MYDNS1=$(input_fun “please input DNS1(114.114.114.114):”)
MYDNS2=$(input_fun “please input DNS2(8.8.4.4):”)
}
input_again
MAC=$(ifconfig $CARD_TYPE | grep “HWaddr” | awk -F[” “]+ ‘{print $5}’)
#SET COMPUTER NAME
cat >/etc/sysconfig/network <<ENDF
NETWORK=yes
HOSTNAME=$MYHOSTNAME
ENDF
cat >/etc/sysconfig/network-scripts/ifcfg-$CARD_TYPE <<ENDF
DEVICE=$CARD_TYPE
BOOTPROTO=static
HWADDR=$MAC
NM_CONTROLLED=yes
ONBOOT=yes
TYPE=Ethernet
IPV6INIT=no
IPADDR=$IPADDR
NETMASK=$NETMASK
GATEWAY=$GATEWAY
ENDF
/etc/init.d/network restart
cat >/etc/hosts <<ENDF
127.0.0.1 $MYHOSTNAME $MYHOSTNAME.$DOMAINNAME localhost
$IPADDR $MYHOSTNAME $MYHOSTNAME.$DOMAINNAME localhost
ENDF
cat >/etc/resolv.conf <<ENDF
domain $DOMAINNAME
search $DOMAINNAME
nameserver $MYDNS1
nameserver $MYDNS2
ENDF
#Close SELINUX
sed -i ‘s/SELINUX=enforcing/SELINUX=disabled/g’ /etc/sysconfig/selinux
setenforce 0
#Modify number of open files
echo “* soft nofile 66666” >> /etc/security/limits.conf
echo “* hard nofile 66666” >> /etc/security/limits.conf
#Optimize the kernel parameters
cat >> /etc/sysctl.conf << ENDF
net.ipv4.tcp_max_syn_backlog = 65536
net.core.netdev_max_backlog = 32768
net.core.somaxconn = 32768
net.core.wmem_default = 8388608
net.core.rmem_default = 8388608
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_timestamps = 0
net.ipv4.tcp_synack_retries = 2
net.ipv4.tcp_syn_retries = 2
net.ipv4.tcp_tw_recycle = 1
#net.ipv4.tcp_tw_len = 1
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_mem = 94500000 915000000 927000000
net.ipv4.tcp_max_orphans = 3276800
net.ipv4.ip_local_port_range = 1024 65535
ENDF
sysctl -p
#Turn off the system without service
for server in `chkconfig –list |grep 3:on|awk ‘{ print $1}’`
do
chkconfig –level 3 $server off
done
for server in crond network rsyslog sshd
do
chkconfig –level 3 $server on
done
## Increase user and sudo privilege escalation
user_add()
{
USERNAME=$(input_fun “please input new user name:”)
useradd $USERNAME
passwd $USERNAME
}
user_add
chmod +w /etc/sudoers
echo “$USERNAME ALL=(ALL) ALL” >>/etc/sudoers
chmod -w /etc/sudoers
# Set the time zone synchronization
yum -y install ntpdate
/usr/sbin/ntpdate time.nist.gov
echo “*/5 * * * * root /usr/sbin/ntpdate time.nist.gov 1> /dev/null 2>&1” >> /var/spool/cron/root
# Configure SSHD
sed -i ‘/^#Port/s/#Port 22/Port 65535/g’ /etc/ssh/sshd_config
sed -i ‘/^#UseDNS/s/#UseDNS yes/UseDNS no/g’ /etc/ssh/sshd_config
sed -i ‘s/#PermitRootLogin yes/PermitRootLogin no/g’ /etc/ssh/sshd_config
sed -i ‘s/#PermitEmptyPasswords no/PermitEmptyPasswords no/g’ /etc/ssh/sshd_config
iptables -A INPUT -p tcp –dport 65535 -j ACCEPT
/etc/init.d/sshd restart
Recent Comments