From 85a63103aa8fae510c9000bb6cbf17e45518a46c Mon Sep 17 00:00:00 2001
From: Rob
Date: Sat, 14 Dec 2024 23:57:17 -0800
Subject: [PATCH 1/2] Update vps-audit.sh

---
 vps-audit.sh | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/vps-audit.sh b/vps-audit.sh
index 58f6311..b5e9ebe 100755
--- a/vps-audit.sh
+++ b/vps-audit.sh
@@ -93,7 +93,6 @@ check_security() {
 echo "" >> "$REPORT_FILE"
 }
-
 # Check system uptime
 UPTIME=$(uptime -p)
 UPTIME_SINCE=$(uptime -s)
@@ -144,6 +143,8 @@ else
 fi
 # Check SSH default port
+UNPRIVILEGED_PORT_START=$(sysctl -n net.ipv4.ip_unprivileged_port_start)
+SSH_PORT=$(grep "^Port" /etc/ssh/sshd_config | awk '{print $2}')
 if [ -n "$SSH_CONFIG_OVERRIDES" ] && [ -d "$(dirname "$SSH_CONFIG_OVERRIDES")" ]; then
 SSH_PORT=$(grep "^Port" $SSH_CONFIG_OVERRIDES /etc/ssh/sshd_config 2>/dev/null | head -1 | awk '{print $2}')
 else
@@ -154,6 +155,8 @@ if [ -z "$SSH_PORT" ]; then
 fi
 if [ "$SSH_PORT" = "22" ]; then
 check_security "SSH Port" "WARN" "Using default port 22 - consider changing to a non-standard port for security by obscurity"
+elif [ "$SSH_PORT" -ge "$UNPRIVILEGED_PORT_START" ]; then
+ check_security "SSH Port" "FAIL" "Using unprivileged port $SSH_PORT - use a port below $UNPRIVILEGED_PORT_START for better security"
 else
 check_security "SSH Port" "PASS" "Using non-default port $SSH_PORT which helps prevent automated attacks"
 fi

From c6ec8de870f3eb54945447ecc908fe11899d0f5e Mon Sep 17 00:00:00 2001
From: Israel Abebe
Date: Sun, 15 Dec 2024 13:00:42 +0300
Subject: [PATCH 2/2] Update vps-audit.sh

---
 vps-audit.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/vps-audit.sh b/vps-audit.sh
index b5e9ebe..5dd5933 100755
--- a/vps-audit.sh
+++ b/vps-audit.sh
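Review bot: `UNPRIVILEGED_PORT_START=$(sysctl -n net.ipv4.ip_unprivileged_port_start)` in the @@ -144 hunk has no fallback, so on a kernel or platform that lacks this sysctl the variable is empty and the new `[ "$SSH_PORT" -ge "$UNPRIVILEGED_PORT_START" ]` in the @@ -154 hunk fails with "integer expression expected"; since a failed test is simply non-zero, the chain then falls through to the else branch and reports PASS for a port the check was meant to flag. Reading it with stderr silenced and a default closes the gap: `UNPRIVILEGED_PORT_START=$(sysctl -n net.ipv4.ip_unprivileged_port_start 2>/dev/null)` followed by `: "${UNPRIVILEGED_PORT_START:=1024}"`. The same comparison also breaks if SSH_PORT is non-numeric, which I can't rule out from a bare `grep "^Port" | awk '{print $2}'`; a `[[ "$SSH_PORT" =~ ^[0-9]+$ ]]` guard before the elif would keep the audit from emitting a spurious verdict. A short comment above the sysctl line stating why the threshold matters would help the next reader: `# First port that non-root processes may bind; sshd listening at or above it is weaker than a privileged port`. The @@ -154 hunk needs no separate change once the fallback and guard are in place.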
@@ -144,7 +144,7 @@ fi
 # Check SSH default port
 UNPRIVILEGED_PORT_START=$(sysctl -n net.ipv4.ip_unprivileged_port_start)
-SSH_PORT=$(grep "^Port" /etc/ssh/sshd_config | awk '{print $2}')
+SSH_PORT=""
 if [ -n "$SSH_CONFIG_OVERRIDES" ] && [ -d "$(dirname "$SSH_CONFIG_OVERRIDES")" ]; then
 SSH_PORT=$(grep "^Port" $SSH_CONFIG_OVERRIDES /etc/ssh/sshd_config 2>/dev/null | head -1 | awk '{print $2}')
 else
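Review bot: `SSH_PORT=""` is overwritten by the if branch immediately below it and, presumably, by the else branch as well (that branch is outside the hunk), so the initialisation reads as dead code and invites a future "cleanup" that would break a `set -u` run or the later `[ -z "$SSH_PORT" ]` default; a one-line comment would pin the intent: `# Initialised empty; set from the override dir or sshd_config below, defaulted later if neither sets Port`. On the context line that follows, `$SSH_CONFIG_OVERRIDES` is passed to grep unquoted, so a path containing spaces or glob characters is word-split before grep sees it; `"$SSH_CONFIG_OVERRIDES"` fixes that, though the line predates this commit.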