#!/bin/sh

CHECKSERVER="10.10.10.2"
LASTCHECKFILE="/root/sun_md5_check/md5check.last"
NOWCHECKFILE="/root/sun_md5_check/md5check.now"

echo "Intrusion Detection Script."
echo

> $NOWCHECKFILE

ssh $CHECKSERVER '
  for dir in /bin/ /sbin/ /usr/bin/ /usr/sbin/ /lib/ /usr/lib/
  do
    /usr/bin/find $dir -type f | xargs /usr/bin/md5sum 
  done      
' >> $NOWCHECKFILE

if test $? -ne 0 ; then
  echo "Aborted!"  
  exit 1
fi

if test -f $LASTCHECKFILE ; then
    diff $LASTCHECKFILE $NOWCHECKFILE
    echo
    if test $? -eq 0 ; then      
      echo "check done. everything ist okay :-)"      
    else      
      echo "-------------------------------------------------------------------------"
      echo " ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT ALERT"
      echo "-------------------------------------------------------------------------"
    fi
    echo
else
    echo "Could not find previous $LASTCHECKFILE"
    echo "So, I created a new one, but there was NO CHECK DONE!"
fi    

mv -f $NOWCHECKFILE $LASTCHECKFILE

exit 0