Update vps-audit.sh

Feature: Added support for ss when netstat is not present

vps-audit.sh

@@ -188,21 +188,32 @@ else
     check_security "Running Services" "FAIL" "Too many services running ($SERVICES) - increases attack surface"
 fi
 
-# Check ports
-LISTENING_PORTS=$(netstat -tuln | grep LISTEN)
-PORT_COUNT=$(echo "$LISTENING_PORTS" | wc -l)
+# Check ports using netstat or ss
+if command -v netstat >/dev/null 2>&1; then
+    LISTENING_PORTS=$(netstat -tuln | grep LISTEN | awk '{print $4}')
+elif command -v ss >/dev/null 2>&1; then
+    LISTENING_PORTS=$(ss -tuln | grep LISTEN | awk '{print $5}')
+else
+    check_security "Port Scanning" "FAIL" "Neither 'netstat' nor 'ss' is available on this system."
+    LISTENING_PORTS=""
+fi
 
-# Get list of internet-accessible ports, excluding those explicitly denied by UFW
-PUBLIC_PORTS=$(netstat -tuln | grep LISTEN | \
-    awk '$4 !~ /127.0.0.1|::1/ && ($4 ~ /0.0.0.0/ || $4 ~ /::/)' | \
-    awk '{split($4, a, ":"); print a[length(a)]}' | sort -n | while read port; do
-        # Skip ports that are explicitly denied in UFW
-        if ! ufw status | grep -q "^$port.*DENY"; then
-            echo "$port"
-        fi
-    done | tr '\n' ',' | sed 's/,$//')
+# Process LISTENING_PORTS to extract unique public ports
+if [ -n "$LISTENING_PORTS" ]; then
+    PUBLIC_PORTS=$(echo "$LISTENING_PORTS" | awk -F':' '{print $NF}' | sort -n | uniq)
+    PORT_COUNT=$(echo "$PUBLIC_PORTS" | wc -w)
+    INTERNET_PORTS=$(echo "$PUBLIC_PORTS" | wc -w)
 
-INTERNET_PORTS=$(echo "$PUBLIC_PORTS" | tr ',' '\n' | wc -l)
+    if [ "$PORT_COUNT" -lt 10 ] && [ "$INTERNET_PORTS" -lt 3 ]; then
+        check_security "Port Security" "PASS" "Good configuration (Total: $PORT_COUNT, Public: $INTERNET_PORTS accessible ports): $PUBLIC_PORTS"
+    elif [ "$PORT_COUNT" -lt 20 ] && [ "$INTERNET_PORTS" -lt 5 ]; then
+        check_security "Port Security" "WARN" "Review recommended (Total: $PORT_COUNT, Public: $INTERNET_PORTS accessible ports): $PUBLIC_PORTS"
+    else
+        check_security "Port Security" "FAIL" "High exposure (Total: $PORT_COUNT, Public: $INTERNET_PORTS accessible ports): $PUBLIC_PORTS"
+    fi
+else
+    check_security "Port Scanning" "WARN" "Port scanning failed due to missing tools. Ensure 'ss' or 'netstat' is installed."
+fi
 
 # Function to format the message with proper indentation for the report file
 format_for_report() {
@@ -210,21 +221,6 @@ format_for_report() {
     echo "$message" >> "$REPORT_FILE"
 }
 
-# Evaluate security based on both total ports and internet-accessible ports
-if [ "$PORT_COUNT" -lt 10 ] && [ "$INTERNET_PORTS" -lt 3 ]; then
-    RESULT="${GREEN}[PASS]${NC} Port Security ${GRAY}- Good configuration (Total: $PORT_COUNT, Public: $INTERNET_PORTS accessible ports): $PUBLIC_PORTS${NC}"
-    echo -e "$RESULT"
-    format_for_report "[PASS] Port Security - Good configuration (Total: $PORT_COUNT, Public: $INTERNET_PORTS accessible ports): $PUBLIC_PORTS"
-elif [ "$PORT_COUNT" -lt 20 ] && [ "$INTERNET_PORTS" -lt 5 ]; then
-    RESULT="${YELLOW}[WARN]${NC} Port Security ${GRAY}- Review recommended (Total: $PORT_COUNT, Public: $INTERNET_PORTS accessible ports): $PUBLIC_PORTS${NC}"
-    echo -e "$RESULT"
-    format_for_report "[WARN] Port Security - Review recommended (Total: $PORT_COUNT, Public: $INTERNET_PORTS accessible ports): $PUBLIC_PORTS"
-else
-    RESULT="${RED}[FAIL]${NC} Port Security ${GRAY}- High exposure (Total: $PORT_COUNT, Public: $INTERNET_PORTS accessible ports): $PUBLIC_PORTS${NC}"
-    echo -e "$RESULT"
-    format_for_report "[FAIL] Port Security - High exposure (Total: $PORT_COUNT, Public: $INTERNET_PORTS accessible ports): $PUBLIC_PORTS"
-fi
-
 # Check disk space usage
 DISK_TOTAL=$(df -h / | awk 'NR==2 {print $2}')
 DISK_USED=$(df -h / | awk 'NR==2 {print $3}')
@@ -307,4 +303,4 @@ echo -e "Review $REPORT_FILE for detailed recommendations."
 # Add summary to report
 echo "================================" >> "$REPORT_FILE"
 echo "End of VPS Audit Report" >> "$REPORT_FILE"
-echo "Please review all failed checks and implement the recommended fixes." >> "$REPORT_FILE"
+echo "Please review all failed checks and implement the recommended fixes." >> "$REPORT_FILE"