hhf/MySQLTuner-perl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Adding banned port option to detect banned ports

Browse source
This commit is contained in:
Christine 2016-03-21 17:41:14 +01:00
parent 42b09f83ab
commit 1ffee5606a
1 changed files with 15 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

16
mysqltuner.pl
View file

@ -72,7 +72,8 @@ my %opt = (
"skipsize" => 0, "skipsize" => 0,
"checkversion" => 0, "checkversion" => 0,
"buffers" => 0, "buffers" => 0,
"passwordfile" => 0, "passwordfile" => 0,
"bannedports" => '',
"outputfile" => 0, "outputfile" => 0,
"dbstat" => 0, "dbstat" => 0,
"idxstat" => 0, "idxstat" => 0,
@ -92,6 +93,7 @@ GetOptions(
'mysqlcmd=s', 'help', 'buffers', 'skippassword', 'mysqlcmd=s', 'help', 'buffers', 'skippassword',
'passwordfile=s', 'outputfile=s', 'silent', 'dbstat', 'json', 'passwordfile=s', 'outputfile=s', 'silent', 'dbstat', 'json',
'idxstat', 'noask', 'template=s', 'reportfile=s', 'cvefile=s', 'idxstat', 'noask', 'template=s', 'reportfile=s', 'cvefile=s',
'bannedports=s',
); );
if ( defined $opt{'help'} && $opt{'help'} == 1 ) { usage(); } if ( defined $opt{'help'} && $opt{'help'} == 1 ) { usage(); }
@ -134,6 +136,7 @@ sub usage {
. " --debug Print debug information\n" . " --debug Print debug information\n"
. " --dbstat Print database information\n" . " --dbstat Print database information\n"
. " --idxstat Print index information\n" . " --idxstat Print index information\n"
. " --bannedports ports banned separated by comma(,)\n"
. " --cvefile CVE File for vulnerability checks\n" . " --cvefile CVE File for vulnerability checks\n"
. " --nocolor Don't print output in color\n" . " --nocolor Don't print output in color\n"
. " --json Print result as JSON string\n" . " --json Print result as JSON string\n"
@ -160,6 +163,9 @@ $opt{cvefile} = "/usr/share/mysqltuner/vulnerabilities.csv"
$opt{cvefile} ='' unless -f "$opt{cvefile}"; $opt{cvefile} ='' unless -f "$opt{cvefile}";
$opt{cvefile} ='./vulnerabilities.csv' if -f './vulnerabilities.csv'; $opt{cvefile} ='./vulnerabilities.csv' if -f './vulnerabilities.csv';
$opt{'bannedports'}='' unless defined($opt{'bannedports'});
my @banned_ports=split ',', $opt{'bannedports'};
# #
my $outputfile = undef; my $outputfile = undef;
$outputfile = abs_path( $opt{outputfile} ) unless $opt{outputfile} eq "0"; $outputfile = abs_path( $opt{outputfile} ) unless $opt{outputfile} eq "0";
@ -908,6 +914,14 @@ sub system_recommendations {
} else { } else {
goodprint "No Application server runing on 8080 or 8443 port."; goodprint "No Application server runing on 8080 or 8443 port.";
} }
foreach my $banport (@banned_ports) {
if ( is_open_port($banport) ) {
badprint "Banned port: $banport is opened..";
push( @generalrec, "Port $banport is opened. Consider stopping program handling this port." );
} else {
goodprint "$banport is not opened.";
}
}
} }
sub security_recommendations { sub security_recommendations {