Oracle数据库勒索病毒RushQL检测脚本

如果存在多台数据库，最好是配合ansible使用script模块,定期批量检查

#!/bin/sh
#Author: baililin 2018/11/20
#Desc: create by balll for RushQL oracle virs check

vircheck(){

su - oracle <<STA
sqlplus -S "/as sysdba" <<EOF
set pagesize 0
set heading off
set feedback off
select count(*) from dba_triggers where TRIGGER_NAME like  'DBMS_%_INTERNAL%' union all select count(*) from dba_procedures a where a.object_name like 'DBMS_%_INTERNAL% ';
exit;
EOF
STA
}

result=$(vircheck |grep -v 0)
if [ "$result" == "" ]; then
 echo "RushQL check ok"
else
 echo "RunshQL check warning"
fi

posted @ 2018-11-26 11:22 ^^Tom^^ 阅读(658) 评论(0) 编辑收藏举报

会员力量，点亮园子希望

刷新页面返回顶部

^^Tom^^

Oracle数据库勒索病毒RushQL检测脚本

公告