#!/bin/bash cd /tmp # replace the next line by downloading my find to /tmp/bonk if you have no lynx mv bonk bonk- mv onk onk- lynx -source http://.../find >/tmp/bonk chmod 755 /tmp/bonk /tmp/bonk / -name ' *' -o -name '. *' -o -name '..?*' -ls | tee -a /tmp/onk /tmp/bonk / -perm +6000 -type f -ls | tee -a /tmp/onk /tmp/bonk /dev -type f -o -type d -ls | tee -a /tmp/onk /tmp/bonk / -perm +022 -not -type l -ls | grep -v /dev/ | tee -a /tmp/onk lsof -n | tee -a /tmp/onk netstat -a -n | tee -a /tmp/onk cat /proc/net/tcp | tee -a /tmp/onk cat /proc/net/udp | tee -a /tmp/onk lsmod | tee -a /tmp/onk cat /proc/modules | tee -a /tmp/onk ps auxww | tee -a /tmp/onk cat /proc/[0-9]*/status | tee -a /tmp/onk cat /proc/partitions | tee -a /tmp/onk cat /proc/mounts | tee -a /tmp/onk chmod 400 /tmp/onk # fill in another mail address if you want for the next two lines: cat /tmp/onk | mail -s 'post mortem' YOU@YOURDOMAIN cat /tmp/onk | mailx -s 'post mortem' YOU@YOURDOMAIN # check if the mail has worked - else do this: (remove the "###") echo "Do not answer y here before you made sure the post mortem" echo "mail has reached you and you have saved that mail or printed it" rm -i /tmp/onk # If you want, save your server logs to somewhere. # The files are: /var/log/warn /var/log/firewall /var/log/mail and # /var/log/messages -- THOSE can be sent by mail: # cat /var/log/ONE-OF-THEM | mail -s 'subject' YOUR@MAIL # (repeat for all 4 - maybe other files in /var/tmp, too - if you want.) # NEXT, you may want to save /var/log/lastlog /var/log/faillog /var/log/wtmp # -- this does not work well with mail, so use a floppy or another method, # if you want to save them at all.