#!/bin/bash YELLOW="\033[1;33m" BLUE="\033[1;34m" RED="\033[1;31m" GRAY="\033[1;30m" GREEN="\033[1;32m" RESET='\033[0m' #OS Check echo -e "${YELLOW}############################${RESET}" echo -e "${YELLOW}# OS Check #${RESET}" echo -e "${YELLOW}############################${RESET}" echo Ubuntu 22.04.5 LTS "==>" $(hostnamectl | grep "Operating System" | cut -d: -f2- | sed 's/^[ \t]*//' |awk '{ if ($0 == "Ubuntu 22.04.5 LTS") print "\033[1;32mGOOD\033[0m"; else print "\033[1;31mBAD "$0"\033[0m"}') #Tune Check echo -e "${YELLOW}############################${RESET}" echo -e "${YELLOW}# Tune Check #${RESET}" echo -e "${YELLOW}############################${RESET}" echo fs.file-max "==>" $(sysctl fs.file-max |awk '{ if ($NF == 9223372036854775807) print "\033[1;32mGOOD\033[0m"; else print "\033[1;31mBAD "$NF"\033[0m"}') echo kernel.pid_max "==>" $(sysctl kernel.pid_max |awk '{ if ($NF == 4194304) print "\033[1;32mGOOD\033[0m"; else print "\033[1;31mBAD "$NF"\033[0m"}') echo -e "\n" #chronyd Check echo -e "${YELLOW}############################${RESET}" echo -e "${YELLOW}# chronyd Check #${RESET}" echo -e "${YELLOW}############################${RESET}" echo chronyd.service "==>" $(systemctl check chronyd.service |awk '{ if ($1 == "active") print "\033[1;32mGOOD\033[0m"; else print "\033[1;31mBAD\033[0m"}') echo Leap status "==>" $(chronyc tracking |grep -a 'Leap status' |awk '{ if ($NF == "Normal") print "\033[1;32mGOOD\033[0m"; else print "\033[1;31mBAD\033[0m"}') echo System clock synchronized "==>" $(timedatectl | grep -a 'System clock synchronized' |awk '{ if ($NF == "yes") print "\033[1;32mGOOD\033[0m"; else print "\033[1;31mBAD\033[0m"}') echo NTP service "==>" $(timedatectl | grep -a 'NTP service' |awk '{ if ($NF == "active") print "\033[1;32mGOOD\033[0m"; else print "\033[1;31mBAD\033[0m"}') echo -e "\n" #sfc_agent Check echo -e "${YELLOW}############################${RESET}" echo -e "${YELLOW}# sfc_agent Check #${RESET}" echo -e "${YELLOW}############################${RESET}" echo sfc_agent.service "==>" $(systemctl check sfc_agent.service |awk '{ if ($1 == "active") print "\033[1;32mGOOD\033[0m"; else print "\033[1;31mBAD\033[0m"}') #echo sfc_agent Port $(netstat -ltnp |grep $(systemctl show sfc_agent.service --property=MainPID | cut -d= -f2) |awk '{ if ($1 == 6666) print "\033[1;32mGOOD\033[0m"; else print "\033[1;31mBAD\033[0m"}') echo -e "\n" #influxd Check echo -e "${YELLOW}############################${RESET}" echo -e "${YELLOW}# influxd Check #${RESET}" echo -e "${YELLOW}############################${RESET}" echo influxd.service "==>" $(systemctl check influxd.service |awk '{ if ($1 == "active") print "\033[1;32mGOOD\033[0m"; else print "\033[1;31mBAD\033[0m"}') #echo sfc_agent Port $(netstat -ltnp |grep $(systemctl show sfc_agent.service --property=MainPID | cut -d= -f2) |awk '{ if ($1 == 6666) print "\033[1;32mGOOD\033[0m"; else print "\033[1;31mBAD\033[0m"}') echo -e "\n" #Omsa Check echo -e "${YELLOW}############################${RESET}" echo -e "${YELLOW}# Omsa Check #${RESET}" echo -e "${YELLOW}############################${RESET}" echo dsm_om_connsvc.service "==>" $(systemctl check dsm_om_connsvc.service |awk '{ if ($1 == "active") print "\033[1;32mGOOD\033[0m"; else print "\033[1;31mBAD\033[0m"}') #echo sfc_agent Port $(netstat -ltnp |grep $(systemctl show sfc_agent.service --property=MainPID | cut -d= -f2) |awk '{ if ($1 == 6666) print "\033[1;32mGOOD\033[0m"; else print "\033[1;31mBAD\033[0m"}') echo -e "\n" #Default Crontab Check echo -e "${YELLOW}############################${RESET}" echo -e "${YELLOW}# Crontab Check #${RESET}" echo -e "${YELLOW}############################${RESET}" echo gsneotek_isms_security Crontab "==>" $(crontab -l |grep -E "[0-9]{1,2} [0-9]{1,2} [0-9]{1,2} \* \* su - root -c '/security_script/gsneotek_isms_security_Ubuntu_v1.5.sh' #security check" |wc -l |awk '{ if ($1 == 1) print "\033[1;32mGOOD\033[0m"; else print "\033[1;31mBAD\033[0m"}') echo gsneotek_security Crontab "==>" $(crontab -l |grep -E "[0-9]{1,2} [0-9]{1,2} \* \* \* su - root -c '/security_script/gsneotek_security_V2.6.sh' #security check" |wc -l |awk '{ if ($1 == 1) print "\033[1;32mGOOD\033[0m"; else print "\033[1;31mBAD\033[0m"}') echo gsneotek_isms_security_Ubuntu_v1.5.sh HASH "==>" $(md5sum /security_script/gsneotek_isms_security_Ubuntu_v1.5.sh |awk '{ if ($1 == "45de7226d39f768dcd80ca0f9343ec13") print "\033[1;32mGOOD\033[0m"; else print "\033[1;31mBAD\033[0m"}') echo gsneotek_security_V2.6.sh HASH "==>" $(md5sum /security_script/gsneotek_security_V2.6.sh |awk '{ if ($1 == "de0e29c1d8cffd8f56cbd3c68457ff82") print "\033[1;32mGOOD\033[0m"; else print "\033[1;31mBAD\033[0m"}') echo -e "\n" #interface Check echo -e "${YELLOW}############################${RESET}" echo -e "${YELLOW}# interface Check #${RESET}" echo -e "${YELLOW}############################${RESET}" interface_list=($(ip -o link show | grep 'state UP' |grep -v LOOPBACK | awk -F: '{print $2}' | tr -d ' ')) for interface in "${interface_list[@]}" do echo ${interface} $(ethtool ${interface} |grep -a Speed |awk '{print $NF}') RX\(M/C\): $(ethtool -g ${interface} |grep -a "RX:" |head -n1 |awk '{print $NF}')/$(ethtool -g ${interface} |grep -a "RX:" |tail -n1 |awk '{print $NF}') done echo -e "\n" #Disk Check echo -e "${YELLOW}############################${RESET}" echo -e "${YELLOW}# Disk Check #${RESET}" echo -e "${YELLOW}############################${RESET}" disk_list=($(lsblk -d -o NAME,TYPE |awk '$2 == "disk" {print $1}')) for disk in "${disk_list[@]}" do echo ${disk} $(lsblk -d -n -o SIZE /dev/${disk}) $(awk '{ if ($1 == 0) print "SSD"; else if ($1 == 1) print "HDD"; else print "N/A" }' /sys/block/${disk}/queue/rotational) done