iplist-to-check-against-malware-monitors

Linux bash script to check list of IPs (by default OpenVZ VPS IPs) against list of Anti-malware monitors/webpages and report if some IP host bad website according to the malware monitor.

Aim of this script is to extract OpenVZ VPS IPs (one can add custom IP list) on the host server and check several antimalware webpages if such IP do not host any badware.

If some domain is returned on the antimalware webpage, then admin is notiffied via email that the IP may host bad webpage.

If server behind the IP is open resolver, admin is one-time notiffied too.

Installation

Script should be placed in its own folder, it will create 4 another files for its internal work

Anti-malware sites should be added/set within the script code. Its URLs should contains placeholder for the IP so results can be refined for particular IP

This script is using ramdisk in aim to reduce HDD iops. If mount is not supported, one need to replace "/tmpramdrive/" occurences by another working path

Script can be made to work with fixed IP list, not OpenVZ VPS IP list. Just comment out or delete line: vzlist | grep -oE "\b([0-9]{1,3}.){3}[0-9]{1,3}\b" > $thisscriptdir/vmips and then populate file vmips by your IPs

Improvement ideas:

• report possible bad domain only if is online, returns code 200
• report possible bad domain only if "host domain.name" returns our IP (bad website not moved to other provider)