PublicMirrors/vps-audit
1
0
Fork 0
mirror of https://github.com/vernu/vps-audit.git synced 2025-01-23 05:24:58 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #19 from Un1q32/patch-1

Browse Source 
Various improvements
This commit is contained in:
Israel Abebe 2025-01-10 23:20:36 +03:00 committed by GitHub
commit 52bbc23605
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 19 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
vps-audit.sh
View File

@ -1,4 +1,4 @@
#!/bin/bash
#!/usr/bin/env bash
# Colors for output
GREEN='\033[0;32m'
@ -41,9 +41,9 @@ echo "================================" >> "$REPORT_FILE"
print_header "System Information"
# Get system information
OS_INFO=$(cat /etc/os-release | grep PRETTY_NAME | cut -d'"' -f2)
OS_INFO=$(grep PRETTY_NAME /etc/os-release | cut -d'"' -f2)
KERNEL_VERSION=$(uname -r)
HOSTNAME=$(hostname)
HOSTNAME=$HOSTNAME
UPTIME=$(uptime -p)
UPTIME_SINCE=$(uptime -s)
CPU_INFO=$(lscpu | grep "Model name" | cut -d':' -f2 | xargs)
@ -225,7 +225,20 @@ case "$IPS_INSTALLED$IPS_ACTIVE" in
esac
# Check failed login attempts
FAILED_LOGINS=$(grep "Failed password" /var/log/auth.log 2>/dev/null | wc -l)
LOG_FILE="/var/log/auth.log"
if [ -f "$LOG_FILE" ]; then
FAILED_LOGINS=$(grep -c "Failed password" "$LOG_FILE" 2>/dev/null || echo 0)
else
FAILED_LOGINS=0
echo "Warning: Log file $LOG_FILE not found or unreadable. Assuming 0 failed login attempts."
fi
# Ensure FAILED_LOGINS is numeric and strip whitespace
FAILED_LOGINS=$(echo "$FAILED_LOGINS" | tr -d '[:space:]')
# Remove leading zeros (if any)
FAILED_LOGINS=$((10#$FAILED_LOGINS)) # Use arithmetic evaluation to ensure it's numeric and format correctly.
if [ "$FAILED_LOGINS" -lt 10 ]; then
check_security "Failed Logins" "PASS" "Only $FAILED_LOGINS failed login attempts detected - this is within normal range"
elif [ "$FAILED_LOGINS" -lt 50 ]; then
@ -245,7 +258,7 @@ else
check_security "System Updates" "FAIL" "$UPDATES security updates available - system is vulnerable to known exploits"
fi
# Check running services
SERVICES=$(systemctl list-units --type=service --state=running | grep "loaded active running" | wc -l)
SERVICES=$(systemctl list-units --type=service --state=running | grep -c "loaded active running")
if [ "$SERVICES" -lt 20 ]; then
check_security "Running Services" "PASS" "Running minimal services ($SERVICES) - good for security"
elif [ "$SERVICES" -lt 40 ]; then
@ -364,7 +377,7 @@ echo "================================" >> "$REPORT_FILE"
echo "System Information Summary:" >> "$REPORT_FILE"
echo "Hostname: $(hostname)" >> "$REPORT_FILE"
echo "Kernel: $(uname -r)" >> "$REPORT_FILE"
echo "OS: $(cat /etc/os-release | grep PRETTY_NAME | cut -d'"' -f2)" >> "$REPORT_FILE"
echo "OS: $(grep PRETTY_NAME /etc/os-release | cut -d'"' -f2)" >> "$REPORT_FILE"
echo "CPU Cores: $(nproc)" >> "$REPORT_FILE"
echo "Total Memory: $(free -h | awk '/^Mem:/ {print $2}')" >> "$REPORT_FILE"
echo "Total Disk Space: $(df -h / | awk 'NR==2 {print $2}')" >> "$REPORT_FILE"