#!/bin/bash
echo "#########check UID=0#########"
cat /etc/passwd|awk -F ':' '{if($3==0)print($1)}'
echo "#########check shadow null#########"
cat /etc/shadow|awk -F ':' '{if($2="")print($1)}'
echo "#########check Root ssh#########"|tee -a /tmp/wqout
cat /etc/ssh/sshd_config|grep PermitRootLogin|awk '{if($2=="yes")print $1,$2}'
echo "#########check Protocol version#########"
cat /etc/ssh/sshd_config|grep Protocol
echo "#########check X11 #########"
cat /etc/ssh/sshd_config|grep X11Forwarding|awk '{if($2=="yes")print($1,$2)}'
echo "#########check TMOUT #########"
cat /etc/profile|grep -i tmout
echo "#########check PASS_LEN #########"
cat /etc/login.defs|grep PASS_MIN_LEN|awk '{if($2<8) print ($1,$2)}'
echo "#########check PASSWORD #########"
cat /etc/pam.d/system-auth|grep password|grep requisite|grep pam_cracklib.so
echo "#########check PASS History #########"
cat /etc/pam.d/system-auth|grep password|grep sufficient|grep pam_unix.so
echo "#########check inittab #########"
cat /etc/inittab
echo "#########check umask #########"
cat /etc/profile|grep umask |grep -v By|awk '{print $2}'
echo "#########check secure log #########"
cat /etc/rsyslog.conf|grep -i authpriv|awk '{if($2=="/var/log/secure")print($1,$2)}'
chown root /etc/passwd
chgrp root /etc/passwd
chmod 644 /etc/passwd
chmod 400 /etc/shadow
chmod 664 /var/log/messages
chmod 664 /var/log/secure
chmod 664 /var/log/cron
chmod 664 /var/log/wtmp
chmod 664 /var/log/utmp
chmod 664 /var/log/lastlog
转载于:https://blog.51cto.com/406647516/1967537
1627
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
