PublicMirrors/vps-audit
1
0
Fork 0
mirror of https://github.com/vernu/vps-audit.git synced 2025-01-23 13:35:06 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update vps-audit.sh

Browse Source
This commit is contained in:
Israel Abebe 2025-01-10 23:19:54 +03:00 committed by GitHub
parent 6fe37f6b30
commit 9feedffd14
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
vps-audit.sh
View File

@ -225,7 +225,20 @@ case "$IPS_INSTALLED$IPS_ACTIVE" in
esac esac
# Check failed login attempts # Check failed login attempts
FAILED_LOGINS=$(grep -c "Failed password" /var/log/auth.log 2>/dev/null || echo 0) LOG_FILE="/var/log/auth.log"
if [ -f "$LOG_FILE" ]; then
FAILED_LOGINS=$(grep -c "Failed password" "$LOG_FILE" 2>/dev/null || echo 0)
else
FAILED_LOGINS=0
echo "Warning: Log file $LOG_FILE not found or unreadable. Assuming 0 failed login attempts."
fi
# Ensure FAILED_LOGINS is numeric and strip whitespace
FAILED_LOGINS=$(echo "$FAILED_LOGINS" | tr -d '[:space:]')
# Remove leading zeros (if any)
FAILED_LOGINS=$((10#$FAILED_LOGINS)) # Use arithmetic evaluation to ensure it's numeric and format correctly.
if [ "$FAILED_LOGINS" -lt 10 ]; then if [ "$FAILED_LOGINS" -lt 10 ]; then
check_security "Failed Logins" "PASS" "Only $FAILED_LOGINS failed login attempts detected - this is within normal range" check_security "Failed Logins" "PASS" "Only $FAILED_LOGINS failed login attempts detected - this is within normal range"
elif [ "$FAILED_LOGINS" -lt 50 ]; then elif [ "$FAILED_LOGINS" -lt 50 ]; then