This project focuses on performing basic security checks on a Linux system. Leveraging the power of BASH scripting, the project evaluates several potential security issues on the system and provides an overview of potential vulnerabilities. This tool aids system administrators in ensuring the integrity of their Linux machines and highlights areas of concern.
Provided by: GNU Project
Shell scripting: Various Contributors
https://www.gnu.org/software/bash/
The security checker evaluates the Linux system based on common potential vulnerabilities. Some of its key functionalities include:
This feature scans for user accounts that have no set passwords, a significant potential security risk.
awk -F: '($2 == "" ) { print $1 }' /etc/shadow
Displays all users with sudo
privileges, helping admins keep track of who can execute commands with elevated permissions.
cat /etc/group | grep sudo
World-writable files and directories can be modified by any user, presenting a security risk. The script identifies these entities.
find / -type f -perm -002 -print 2>/dev/null
find / -type d -perm -002 -print 2>/dev/null
Files with no owners can indicate orphaned or improperly configured files and directories.
find / -nouser -o -nogroup -print 2>/dev/null
Reviewing the last 100 lines of the auth log to check for failed login attempts, which could indicate brute force attacks.
tail -100 /var/log/auth.log | grep "Failed password"
Checking whether root login via SSH is permitted, which is often considered a security risk.
grep "PermitRootLogin" /etc/ssh/sshd_config | grep -v "#"
- Veronica Broadway (https://bwayvs.github.io/Professional_Portfolio/)
I'm Veronica, a results-driven Data Analyst with expertise in SAP and process improvement. With a background in translating complex requirements into actionable insights, I leverage SQL, data visualization tools, and Agile methodologies to optimize supply chains and drive business decisions. My passion lies in turning data into meaningful business strategies, ensuring organizational alignment, and fostering cross-functional collaboration.