-
Notifications
You must be signed in to change notification settings - Fork 9
/
security-monthly.sh
executable file
·70 lines (52 loc) · 1.32 KB
/
security-monthly.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
#!/bin/sh
####
#
# SuSE monthly security check v2.0 by Marc Heuse <marc@suse.de>
#
####
MY_DIR=$(dirname $(readlink -f $0))
. $MY_DIR/basic.inc
. $MY_DIR/helper.inc
run_sysconfig_seccheck
OLD1="$SEC_VAR/security-report-daily"
#OLD2="$SEC_VAR/security-report-weekly"
#OLD3="$SEC_VAR/security-report-monthly"
# create SEC_DATA and SEC_VAR. directories used to store and persist data
create_secdir
# initialize rmp-md5, sbit, write, device and write-bin
initialize_secfiles $SEC_DATA
# XXX: is it really necessary?
if [ ! -e "$OLD1" ];then
touch "$OLD1"
fi
#for i in "$OLD1" "$OLD2" "$OLD3" ; do
# if [ "$i" != "" ]; then
# if [ ! -e "$i" ]; then
# touch "$i"
# fi
# fi
#done
echo '
NOTE: have you checked http://www.novell.com/products/security.html for security updates?!
'
cat "$OLD1"
check_guessable_passwords "quick"
echo "
Complete list of unused user accounts which have a password assigned:"
$SEC_BIN/checkneverlogin
echo "
Complete list of writeable and executeable programs:"
cat "$SEC_DATA/write-bin"
echo "
Complete list of suid/sgid files:"
cat "$SEC_DATA/sbit"
echo "
Complete list of world writeable files:"
cat "$SEC_DATA/write"
echo "
Complete list of all changed installed packages:"
cat "$SEC_DATA/rpm-md5"
echo "
Complete list of (char/block) devices:"
cat "$SEC_DATA/devices"
exit 0