I have wrote a little script (matts-monitor.sh) to monitor for new devices on your subnet and then perform an action against each new device.<\/p>\n
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 <\/div><\/td> #!\/bin\/bash \n# \n# matts-monitor.sh v1.1 \n# This tool allows you to monitor your current subnet and then runs a command against the new target! \n# Create by Matthew Phillips \n# New versions can be downloaded from www.phillips321.co.uk \nVERSION="1.1" \n# \n# This tool requires nmap to be installed and to be run as root \n# \n# ChangeLog.... \n# Version 1.1 - Improved sort code \n# - Added better GATEWAY detection \n# - Allowed script escape by pressing enter \n# - Collated argument checking into 1 if statement \n# - Reports version number within usage \n# Version 1.0 - First Release \n################################################################# \n# CHECKING FOR ROOT \n################################################################# \nif [ `echo -n $USER` != "root" ] \nthen \n echo "MESSAGE:" \n echo "MESSAGE: ERROR: Please run as root!" \n echo "MESSAGE:" \n exit 1 \nfi \n \n################################################################# \n# CHECKING TO SEE IF INTERFACE AND INTERVAL PROVIDED \n################################################################# \nif [ -z ${1} ] || [ -z ${2} ] \nthen \n echo "MESSAGE: Version number ${VERSION}" \n echo "MESSAGE: Usage: `basename ${0}` [interface] [time between scans (secs)]" \n echo "MESSAGE: Example #`basename ${0}` eth0 60" \n exit 1 \nelse \n INTERFACE="`echo "${1}" | cut -c 1-6`" \n echo "MESSAGE: Monitoring ${1} for new devices" \n INTERVAL="`echo "${2}" | tr -cd '[:digit:]' | cut -c 1-4`" \n echo "MESSAGE: Scanning once every ${INTERVAL} seconds" \nfi \n \n################################################################# \n# IDENTIFY IP, GATEWAY and SUBNET \n################################################################# \nIPADDR=`ifconfig ${INTERFACE} | grep 'inet addr:'| grep -v '127.0.0.1' | cut -d: -f2 | awk '{print $1}'` \nSUBNET=`ifconfig ${INTERFACE} | grep 'Mask:'| grep -v '127.0.0.1' | cut -d: -f4` \nGATEWAY=`route -n | grep ${INTERFACE} | grep UG | sed -e 's\/[ \\t][ \\t]*\/#\/g' | cut -d '#' -f 2` \necho "MESSAGE: interface=${INTERFACE} gateway=${GATEWAY} ip.addr=${IPADDR} subnet=${SUBNET}" \n \n################################################################# \n# PERFORMING FIRST SCAN TO CREATE WHITELIST \n################################################################# \narp-scan -l -I ${INTERFACE} | sed -e '1,2d' -e '\/^$\/,+2 d' -e 's\/[ \\t][ \\t]*\/#\/g' | cut -d '#' -f 1 > WHITELIST.txt \nif [[ -s WHITELIST.txt ]] ; then \n echo "MESSAGE: The following devices were found and will be excluded from this monitor." \n cat WHITELIST.txt \nelse \n echo "MESSAGE: No IPs found during arp-scan, are you sure your interface is up?." \n exit 1 \nfi ; \n \n################################################################# \n# THIS IS THE MONITORING BIT \n################################################################# \necho "MESSAGE: Press enter to exit the scanner" \nwhile true; do \n arp-scan -l -I ${INTERFACE} | sed -e '1,2d' -e '\/^$\/,+2 d' -e 's\/[ \\t][ \\t]*\/#\/g' | cut -d '#' -f 1 > SCAN.txt \n sort SCAN.txt -o SCAN.txt \n NEWIP=`diff -a SCAN.txt WHITELIST.txt | grep \\< | sed -e 's\/< \/\/'` \n if [ ! -z ${NEWIP} ]; then \n echo "MESSAGE: New IP detected!!! ${NEWIP}" \n echo ${NEWIP} >> WHITELIST.txt \n ################################################################# \n # To run a command when new device found please enter it here \n xterm -e "echo we have found a new ip ${NEWIP} ; sleep 10" \n ################################################################# \n fi \n sort WHITELIST.txt -o WHITELIST.txt \n read -t ${INTERVAL} && break \ndone \n \n################################################################# \n# DELETE FILES CREATED DURING MONITORING \n################################################################# \nrm -rf SCAN.txt WHITELIST.txt<\/div><\/td><\/tr><\/tbody><\/table><\/div>\n","protected":false},"excerpt":{"rendered":" I have wrote a little script (matts-monitor.sh) to monitor for new devices on your subnet and then perform an action against each new device. 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182838485868788#!\/bin\/bash # # matts-monitor.sh v1.1 # This tool allows you to monitor your current subnet and then runs a command against the new target! # Create by Matthew Phillips # New […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[3,4],"tags":[33,34,32,31],"_links":{"self":[{"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/posts\/43"}],"collection":[{"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/comments?post=43"}],"version-history":[{"count":7,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/posts\/43\/revisions"}],"predecessor-version":[{"id":192,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/posts\/43\/revisions\/192"}],"wp:attachment":[{"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/media?parent=43"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/categories?post=43"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.phillips321.co.uk\/wp-json\/wp\/v2\/tags?post=43"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}} |