## Simple changes to inform the file can be used for site inspection

A very old-fashioned and easy file change notice was already written more than ten years ago. It changed the path name for webmaster of UNIX’s reference as many websites were hacked and hidden with Trojan horses.

Anyone who knows little about the UNIX can use it easily. The feature is very simple.

The main function is checking and notifying the administrator within an hour if any file modifications are found. In this case, Administrator can check the vulnerabilities of the system if any unexpected changes are found. It’s meaningless to do file recovery if the system has been invaded. The below example does not contain a file restore function.

find /var/www/htdocs -type f -mmin -60 -print >! xx.$$set lines = wc -l xx.$$
\rm xx.$$else mail -s file_changed me@xxx.com < xx.$$
\rm xx.$$endif ** Note 1. Replace /var/www/htdocs to monitoring path. 2. me@xxx.com : Please change to your own email address. 1. In crontab, please add: 0 * * * * /bin/csh /chk_file.csh >/dev/null 2>&1 That's it, if there is any changing file in monitor path, we will email to inform you. To monitor the multiple paths only need to change a line as below, find /var/www/htdocs /var/www/web2 -type f -mmin -60 -print >! xx.$$