Script, Testing and Evaluation
Your script must always be able to display the following information:

- The architecture of your operating system and its kernel version.

```bash
# Architecture: kernel name, release, version and machine type
arch=$(uname -a)
```

- The number of physical processors.

```bash
# Physical CPUs: count distinct socket ids (nproc would report logical processors)
cpu=$(grep "physical id" /proc/cpuinfo | sort -u | wc -l)
```

- The number of virtual processors.

```bash
# Virtual CPUs: one "processor" entry per logical processor
vcpu=$(grep -c '^processor' /proc/cpuinfo)
```

- The current available RAM on your server and its utilization rate as a percentage.

```bash
# RAM: total and used in MB, usage as a percentage
total_ram=$(free -m | awk '$1 == "Mem:" {print $2}')
used_ram=$(free -m | awk '$1 == "Mem:" {print $3}')
percent_ram=$(free | awk '$1 == "Mem:" {printf("%.2f", $3/$2*100)}')
```

- The current available memory (disk storage) on your server and its utilization rate as a percentage.

```bash
# Disk: sum over /dev/ filesystems, leaving out /boot
total_disk=$(df -Bg | grep '^/dev/' | grep -v '/boot$' | awk '{td += $2} END {print td}')
used_disk=$(df -Bg | grep '^/dev/' | grep -v '/boot$' | awk '{ud += $3} END {print ud}')
percent_disk=$(df -Bg | grep '^/dev/' | grep -v '/boot$' | awk '{ud += $3; td += $2} END {printf("%d", (ud/td)*100)}')
```

- The current utilization rate of your processors as a percentage.

```bash
# CPU load: user time plus system time from one batch run of top
cpu_usage=$(top -bn1 | grep '^%Cpu' | cut -c 9- | xargs | awk '{printf("%.1f%%", $1 + $3)}')
```

- The date and time of the last reboot.

```bash
# Last boot
last_boot=$(who -b | awk '{print $3 " " $4}')
```

- Whether LVM is active or not.

```bash
# LVM: "yes" if lsblk lists at least one lvm device
lvm=$(lsblk | grep -c "lvm")
lvmu=$(if [ "$lvm" -eq 0 ]; then echo no; else echo yes; fi)
```

- The number of active connections.

**sudo apt install net-tools**

```bash
# Active connections: TCP sockets reported by netstat
# (-l limits the listing to listening sockets)
tcp=$(netstat -tunlp | grep -c tcp)
```

- The number of users using the server.

```bash
# Users: logged-in user names
usrs=$(users | wc -w)
```

- The IPv4 address of your server and its MAC (Media Access Control) address.

```bash
# Network
ip=$(hostname -I)
mac=$(ip a | grep ether | awk '{print $2}')
```

- The number of commands executed with the sudo program.

```bash
# Commands: journal entries written by sudo that record a COMMAND
cmds=$(journalctl _COMM=sudo | grep -c COMMAND)
```
hostname:
- `-I` → display all network addresses of the host. This option enumerates all configured addresses on all network interfaces. The loopback interface and IPv6 link-local addresses are omitted.

uname:
- `-a` → print all information
- `-s` → print the kernel name
- `-v` → print the kernel version

free:
- `-m` → display output in MB

ss:
- `-t` → display TCP sockets
- `-a` → all

netstat:
- `-tu` →
- `-n` → show numeric addresses instead of trying to determine symbolic host, port or user names
- `-l` → show only listening sockets
- `-p` → show the PID and name of the program to which each socket belongs
awk:
AWK command in Unix/Linux with examples - GeeksforGeeks
wc:
wc command in Linux with examples - GeeksforGeeks
who:
linux last reboot time and date
hostname:
memory:
lsblk:
lsblk command in Linux (list block devices) [Basic Guide] - Certificação Linux
netstat:
Netstat - Do you know who your machine is talking to? - Pplware
grep:
How to Use the Grep Command in Linux
df:
How to Check Disk Space in Linux {df and du Commands}
cpu:
How to Check Number of Processor (vCPU) on Linux VPC - LookLinux
ss:
journalctl:
How to Check Sudo History in Linux - Make Tech Easier
To set up a strong password policy, you have to comply with the following requirements:
- Your password has to expire every 30 days.
- The minimum number of days allowed before the modification of a password will be set to 2.
- The user has to receive a warning message 7 days before their password expires.
- Your password must be at least 10 characters long. It must contain an uppercase letter, a lowercase letter, and a number. Also, it must not contain more than 3 consecutive identical characters.
- The password must not include the name of the user.
- The following rule does not apply to the root password: The password must have at least 7 characters that are not part of the former password.
- Of course, your root password has to comply with this policy.
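
The three ageing rules (30 / 2 / 7 days) live in two places: `/etc/login.defs` sets the defaults for accounts created later, while accounts that already exist, root included, keep whatever is stored in `/etc/shadow` (what `chage -l` prints). The script below is an added example, not part of the original notes; it audits both, and its sample files and account names are constructed.

```bash
#!/bin/sh
# Added example: audit password ageing against the 30 / 2 / 7 day policy.
# Both sample files are constructed; on a real host pass /etc/login.defs
# and /etc/shadow (readable by root only).

# Value of KEY in a login.defs-style file; commented-out entries are skipped.
defs_value() {  # usage: defs_value FILE KEY
    awk -v k="$2" '$1 == k { v = $2 } END { print v }' "$1"
}

# login.defs only seeds accounts created afterwards. Prints one line per
# default that is wrong or missing; returns 1 if there is any.
audit_defaults() {  # usage: audit_defaults LOGIN_DEFS
    rc=0
    for want in PASS_MAX_DAYS=30 PASS_MIN_DAYS=2 PASS_WARN_AGE=7; do
        key=${want%%=*}
        got=$(defs_value "$1" "$key")
        [ "$got" = "${want#*=}" ] && continue
        echo "$key is '${got:-unset}', want ${want#*=}"
        rc=1
    done
    return $rc
}

# Existing accounts keep their own ageing in shadow fields 4 (min), 5 (max)
# and 6 (warn). Prints accounts that have a usable password hash (not empty,
# not starting with ! or *) and deviate from the policy.
audit_accounts() {  # usage: audit_accounts SHADOW_FILE
    awk -F: '$2 != "" && $2 !~ /^[!*]/ && ($4 != 2 || $5 != 30 || $6 != 7) {
        print $1 }' "$1"
}

# --- constructed sample data ---
sample_dir=$(mktemp -d)
cat > "$sample_dir/login.defs" <<'EOF'
#PASS_MAX_DAYS 99999
PASS_MAX_DAYS   30
PASS_MIN_DAYS   2
PASS_WARN_AGE   7
EOF
cat > "$sample_dir/shadow" <<'EOF'
root:$y$constructed:19700:0:99999:7:::
alice:$y$constructed:19700:2:30:7:::
bob:$y$constructed:19700:0:99999:7:::
daemon:*:19700:0:99999:7:::
EOF

audit_defaults "$sample_dir/login.defs" && echo "login.defs matches the policy"
echo "accounts still needing chage: $(audit_accounts "$sample_dir/shadow" | xargs)"
```

An account listed by `audit_accounts` is brought in line with `sudo chage -M 30 -m 2 -W 7 <user>`.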
passwd
- Without uppercase letter: abacate1611
- Without lowercase letter: ABACATE1611
- Without 10 characters and similar: Abacate
- With name of the user: 123
- With 3 consecutive identical characters: aaaaLock123
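
To see which rule each of these test passwords trips, the complexity rules can be written as a small checker. This is an added example, not part of the original notes and not how PAM implements the policy; the user name `alice` and the last two passwords are constructed, and the "7 characters not part of the former password" rule is left out because it needs the old password.

```bash
#!/bin/sh
# Added example: test candidate passwords against the complexity rules above.
# The user name "alice" and the last two passwords are constructed.

lower() { printf '%s' "$1" | tr '[:upper:]' '[:lower:]'; }
fail()  { echo "$1"; bad=1; }

# Prints every rule PASSWORD breaks for USER; returns 1 if it breaks any.
check_password() {  # usage: check_password USER PASSWORD
    user=$1; pw=$2; bad=0
    [ "${#pw}" -ge 10 ] || fail "shorter than 10 characters"
    case $pw in *[[:upper:]]*) ;; *) fail "no uppercase letter" ;; esac
    case $pw in *[[:lower:]]*) ;; *) fail "no lowercase letter" ;; esac
    case $pw in *[[:digit:]]*) ;; *) fail "no number" ;; esac
    # A character followed by three copies of itself is a run of four.
    if printf '%s\n' "$pw" | grep -q '\(.\)\1\1\1'; then
        fail "more than 3 identical characters in a row"
    fi
    # Case-insensitive substring match (assumption: the page does not say
    # whether case matters).
    case $(lower "$pw") in
        *"$(lower "$user")"*) fail "contains the user name" ;;
    esac
    return $bad
}

# Run the sample passwords and report each verdict.
for pw in abacate1611 ABACATE1611 Abacate aaaaLock123 Alice2024xyz 'Mango-Tree7Kiwi'; do
    if reasons=$(check_password alice "$pw"); then
        echo "$pw: accepted"
    else
        echo "$pw: rejected ($(echo "$reasons" | paste -sd ';' -))"
    fi
done
```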
- `sudo ufw status` - check UFW status
- `sudo service ssh status` - check SSH status
- `ssh user@ip -p 4242` - enter remotely
- `uname -v` - check OS
- `getent group sudo` or `user` - check user in these 2 groups
- `sudo adduser username` - create new user
- `sudo chage -l username` - check the other password rules
- `sudo nano /etc/login.defs` - check some of the documents
- `sudo nano /etc/pam.d/common-password` - other rules
- `sudo addgroup evaluating` - create a new group
- `sudo adduser username evaluating` - add the user to the new group
- `hostname` - check hostname
- `hostnamectl set-hostname username` - change hostname
- `lsblk` - check partitions
- `sudo -V` - check if sudo is installed
- `sudo adduser username sudo` - add user to sudo
- `getent group sudo` - check if it's correct
- `sudo visudo` - check the rules
- `sudo nano /var/log/sudo/sudo.log` - check the log
- `dpkg -l ufw` - check UFW is correctly installed
- `sudo ufw allow 8080` - allow port 8080
- `sudo ufw status` - check the port
- `sudo ufw delete allow 8080` - delete the ports
- `sudo service ssh status` - check SSH status
- `sudo nano /usr/local/bin/monitoring.sh` - check script
- `sudo crontab -u root -e` - check cron tabs
- `dpkg -l | grep lighttpd` or `MariaDB` or `PHP`