PublicMirrors/vps-audit
1
0
Fork 0
mirror of https://github.com/vernu/vps-audit.git synced 2025-01-23 13:35:06 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge pull request #3 from vernu/show-exposed-ports

Browse Source 
show list of publicly exposed ports
This commit is contained in:
Israel Abebe 2024-12-14 15:22:59 +03:00 committed by GitHub
commit fd0a363398
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 34 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

41
vps-audit.sh Normal file → Executable file
View File

@ -133,14 +133,41 @@ else
check_security "Running Services" "FAIL" "Too many services running ($SERVICES) - increases attack surface" check_security "Running Services" "FAIL" "Too many services running ($SERVICES) - increases attack surface"
fi fi
# Check active internet connections # Check ports
CONNECTIONS=$(netstat -tuln | grep LISTEN | wc -l) LISTENING_PORTS=$(netstat -tuln | grep LISTEN)
if [ "$CONNECTIONS" -lt 10 ]; then PORT_COUNT=$(echo "$LISTENING_PORTS" | wc -l)
check_security "Open Ports" "PASS" "Minimal ports open ($CONNECTIONS) - good security posture"
elif [ "$CONNECTIONS" -lt 20 ]; then # Get list of internet-accessible ports, excluding those explicitly denied by UFW
check_security "Open Ports" "WARN" "$CONNECTIONS ports open - consider closing unnecessary ports" PUBLIC_PORTS=$(netstat -tuln | grep LISTEN | \
awk '$4 !~ /127.0.0.1|::1/ && ($4 ~ /0.0.0.0/ || $4 ~ /::/)' | \
awk '{split($4, a, ":"); print a[length(a)]}' | sort -n | while read port; do
# Skip ports that are explicitly denied in UFW
if ! ufw status | grep -q "^$port.*DENY"; then
echo "$port"
fi
done | tr '\n' ',' | sed 's/,$//')
INTERNET_PORTS=$(echo "$PUBLIC_PORTS" | tr ',' '\n' | wc -l)
# Function to format the message with proper indentation for the report file
format_for_report() {
local message="$1"
echo "$message" >> "$REPORT_FILE"
}
# Evaluate security based on both total ports and internet-accessible ports
if [ "$PORT_COUNT" -lt 10 ] && [ "$INTERNET_PORTS" -lt 3 ]; then
RESULT="${GREEN}[PASS]${NC} Port Security ${GRAY}- Good configuration (Total: $PORT_COUNT, Public: $INTERNET_PORTS accessible ports): $PUBLIC_PORTS${NC}"
echo -e "$RESULT"
format_for_report "[PASS] Port Security - Good configuration (Total: $PORT_COUNT, Public: $INTERNET_PORTS accessible ports): $PUBLIC_PORTS"
elif [ "$PORT_COUNT" -lt 20 ] && [ "$INTERNET_PORTS" -lt 5 ]; then
RESULT="${YELLOW}[WARN]${NC} Port Security ${GRAY}- Review recommended (Total: $PORT_COUNT, Public: $INTERNET_PORTS accessible ports): $PUBLIC_PORTS${NC}"
echo -e "$RESULT"
format_for_report "[WARN] Port Security - Review recommended (Total: $PORT_COUNT, Public: $INTERNET_PORTS accessible ports): $PUBLIC_PORTS"
else else
check_security "Open Ports" "FAIL" "Too many open ports ($CONNECTIONS) - significant attack surface" RESULT="${RED}[FAIL]${NC} Port Security ${GRAY}- High exposure (Total: $PORT_COUNT, Public: $INTERNET_PORTS accessible ports): $PUBLIC_PORTS${NC}"
echo -e "$RESULT"
format_for_report "[FAIL] Port Security - High exposure (Total: $PORT_COUNT, Public: $INTERNET_PORTS accessible ports): $PUBLIC_PORTS"
fi fi
# Check disk space usage # Check disk space usage