Lab 11: Shell Scripting

Objective

To get practice writing shell scripts

Task

For this lab, you will write three shell scripts. Name them "script1.sh", "script2.sh", and "script3.sh". For some of them you will need to use the whois command, so spend a little time reading the man page for this command. The three scripts will:

1. Search /var/log/auth.log for all users who attempted to ssh to your instance. Output a unique list of reverse alphabetically sorted users to a file called "ssh-attempts.txt".
2. Search /var/log/apache2/access_log for all IP addresses that access your website. If this file is empty, look in the /var/log/apache2 directory, it may have been rotated into another file. When you have the IP addresses, use whois to determine what country that IP originated from. The script should output a list of unique, alphabetically-sorted countries that accessed your site to a file called "country-access.txt".
3. Search /var/log/auth.log for all IP addresses that attempted to ssh into your VM with an invalid account name. Then, use whois to determine where abuse notifications (abuse-mailbox) should be sent for that IP address. Output a unique list of IP addresses and the corresponding emails to a file called "abuse-emails.txt". IP addresses and emails should be separated by a comma, such as 1.1.1.1,helpdesk@apnic.net. Note that not all IP addresses will have an abuse-mailbox entry. In that case, output the IP followed by a comma: 1.1.1.1,.

Submitting

Submit the three scripts in the assignment in Canvas.