Script, Testing and Evaluation

Lucas Bordonal edited this page Dec 15, 2022 · 2 revisions

Script

monitoring.sh

Your script must always be able to display the following information:

  • The architecture of your operating system and its kernel version.
```bash
# Architecture:
arch=$(uname -a)
```
  • The number of physical processors.
```bash
# Physical CPUs: count distinct "physical id" values (nproc would report logical CPUs).
cpu=$(grep "physical id" /proc/cpuinfo | sort -u | wc -l)
```
  • The number of virtual processors.
```bash
# Virtual CPUs: one "processor" entry per logical CPU.
vcpu=$(grep -c '^processor' /proc/cpuinfo)
```
  • The current available RAM on your server and its utilization rate as a percentage.
```bash
# RAM (total and used in MB, then used/total as a percentage):
total_ram=$(free -m | awk '$1 == "Mem:" {print $2}')
used_ram=$(free -m | awk '$1 == "Mem:" {print $3}')
percent_ram=$(free | awk '$1 == "Mem:" {printf("%.2f", $3/$2*100)}')
```
  • The current available memory on your server and its utilization rate as a percentage.
```bash
# Disk (sum over /dev/ filesystems in GB, excluding /boot):
total_disk=$(df -Bg | grep '^/dev/' | grep -v '/boot$' | awk '{td += $2} END {print td}')
used_disk=$(df -Bg | grep '^/dev/' | grep -v '/boot$' | awk '{ud += $3} END {print ud}')
percent_disk=$(df -Bg | grep '^/dev/' | grep -v '/boot$' | awk '{ud += $3} {td += $2} END {printf("%d", (ud/td)*100)}')
```
  • The current utilization rate of your processors as a percentage.
```bash
# CPU load (user + system time from a single top sample):
cpu_usage=$(top -bn1 | grep '^%Cpu' | cut -c 9- | xargs | awk '{printf("%.1f%%", $1 + $3)}')
```
  • The date and time of the last reboot.
```bash
# Last boot:
last_boot=$(who -b | awk '{print $3 " " $4}')
```
  • Whether LVM is active or not.
```bash
# LVM (yes if lsblk lists at least one lvm device):
lvm=$(lsblk | grep -c "lvm")
lvmu=$(if [ "$lvm" -eq 0 ]; then echo no; else echo yes; fi)
```
  • The number of active connections.

netstat is provided by the net-tools package: sudo apt install net-tools

```bash
# Active connections (established TCP; the -l flag would list listening sockets only):
tcp=$(netstat -tn | grep -c ESTABLISHED)
```
  • The number of users using the server.
```bash
# Users:
usrs=$(users | wc -w)
```
  • The IPv4 address of your server and its MAC (Media Access Control) address.
```bash
# Network:
ip=$(hostname -I)
mac=$(ip a | grep ether | awk '{print $2}')
```
  • The number of commands executed with the sudo program.
```bash
# Commands run through sudo, counted from the journal:
cmds=$(journalctl _COMM=sudo | grep COMMAND | wc -l)
```

Notes


hostname:

-I: Display all network addresses of the host. This option enumerates all configured addresses on all network interfaces. The loopback interface and IPv6 link-local addresses are omitted.

uname:

  • -a → print all information
  • -s → print the kernel name
  • -v → print the kernel version

free:

-m → display output in MB

ss:

  • -t → display TCP sockets
  • -a → all

netstat:

  • -tu →
  • -n → show numeric addresses instead of trying to determine symbolic host, port or user names
  • -l → show only listening sockets
  • -p → show the PID and name of the program to which each socket belongs

Testing

Password tests

To set up a strong password policy, you have to comply with the following requirements:

  • Your password has to expire every 30 days.
  • The minimum number of days allowed before the modification of a password will be set to 2.

  • The user has to receive a warning message 7 days before their password expires.
  • Your password must be at least 10 characters long. It must contain an uppercase letter, a lowercase letter, and a number. Also, it must not contain more than 3 consecutive identical characters.
  • The password must not include the name of the user.
  • The following rule does not apply to the root password: The password must have at least 7 characters that are not part of the former password.
  • Of course, your root password has to comply with this policy.
    • passwd
    • Without uppercase letter: abacate1611
    • Without lowercase letter: ABACATE1611
    • Without 10 characters and similar: Abacate
    • With name of the user: 123
    • With 3 consecutive identical characters: aaaaLock123
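
The policy above maps onto three keys in /etc/login.defs and onto the options of the password line in /etc/pam.d/common-password, the two files opened in the Evaluation commands. The audit script below is an added example, not part of the original page; it assumes the complexity rules are enforced by pam_pwquality (the page does not name the module), and its sample files are constructed.

```bash
#!/bin/bash
# Added example (not from the original page): audit password-policy settings.
# Assumption: pam_pwquality enforces the complexity rules; options are matched exactly.

# check_aging FILE: compare a login.defs-style FILE with the 30/2/7-day rules.
# Prints one line per mismatch; exit status is the number of mismatches.
check_aging() {
    local file=$1 fails=0 pair key want got
    for pair in PASS_MAX_DAYS=30 PASS_MIN_DAYS=2 PASS_WARN_AGE=7; do
        key=${pair%%=*} want=${pair#*=}
        # Commented-out lines have "#KEY" as their first field, so they never match.
        got=$(awk -v k="$key" '$1 == k { v = $2 } END { print v }' "$file")
        if [ "$got" != "$want" ]; then
            echo "FAIL $key: expected $want, found ${got:-unset}"
            fails=$((fails + 1))
        fi
    done
    return "$fails"
}

# check_pwquality FILE: require each option on the pam_pwquality.so line of FILE.
check_pwquality() {
    local file=$1 fails=0 line opt
    line=$(grep -E '^[[:space:]]*password.*pam_pwquality\.so' "$file" | tr -s '[:space:]' ' ')
    for opt in minlen=10 ucredit=-1 lcredit=-1 dcredit=-1 maxrepeat=3 \
               difok=7 reject_username enforce_for_root; do
        case " $line " in
            *" $opt "*) ;;
            *) echo "FAIL pam_pwquality: missing $opt"; fails=$((fails + 1)) ;;
        esac
    done
    return "$fails"
}

# Constructed sample files (not taken from a real host); each has one setting wrong.
sample_dir=$(mktemp -d)
trap 'rm -rf "$sample_dir"' EXIT
printf '%s\n' '#PASS_MAX_DAYS 99999' 'PASS_MAX_DAYS 30' 'PASS_MIN_DAYS 0' \
    'PASS_WARN_AGE 7' > "$sample_dir/login.defs"
printf '%s\n' 'password requisite pam_pwquality.so retry=3 minlen=10 ucredit=-1 lcredit=-1 dcredit=-1 maxrepeat=3 reject_username difok=7' \
    > "$sample_dir/common-password"

check_aging "$sample_dir/login.defs" || echo "login.defs: not compliant"
check_pwquality "$sample_dir/common-password" || echo "common-password: not compliant"
```

On the virtual machine, point the two functions at /etc/login.defs and /etc/pam.d/common-password; existing accounts still need `sudo chage -l username` checked, because login.defs only applies to users created afterwards.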

FTP tests

⚠️... Under Construction ... ⚠️

Evaluation

Evaluation Commands

  • sudo ufw status - check ufw status
  • sudo service ssh status - check SSH status
  • ssh user@ip -p 4242 - enter remotely
  • uname -v - check OS
  • getent group sudo or user - check user in these 2 groups
  • sudo adduser username - create new user
  • sudo chage -l username - check the other password rules
  • sudo nano /etc/login.defs - check some of the documents
  • sudo nano /etc/pam.d/common-password - other rules
  • sudo addgroup evaluating - create a new group
  • sudo adduser username evaluating - add the user to the new group
  • hostname - check hostname
  • hostnamectl set-hostname username - change hostname
  • lsblk - check partitions
  • sudo -V - check if sudo is installed
  • sudo adduser username sudo - add user to sudo
  • getent group sudo - check if it's correct
  • sudo visudo - check the rules
  • sudo nano /var/log/sudo/sudo.log - check the log
  • dpkg -l ufw - check UFW is correctly installed
  • sudo ufw allow 8080 - allow port 8080
  • sudo ufw status - check the port
  • sudo ufw delete allow 8080 - delete the ports
  • sudo service ssh status - check SSH status
  • sudo nano /usr/local/bin/monitoring.sh - check script
  • sudo crontab -u root -e - check cron tabs
  • dpkg -l | grep lighttpd or MariaDB or PHP