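#!/bin/bash
#set -o xtrace
#
# Final system grading script (Spring 2007, CIS226AL, CentOS 4.4).
#
# This script is for grading your system. Please do NOT alter it, as it
# will put your results in a standard format to make it easy for me to
# grade.
#
# What it does: asks for confirmation and the student's name, then appends
# configuration files, package/update status, web document roots, firewall
# rules and related listings to ~/gradefile in a fixed order.
#
# Notes for whoever maintains this:
#   * Errors are not fatal (no `set -e`): a missing file or an unmatched
#     glob must not stop the remaining sections from being recorded.
#   * The gradefile ends up holding sensitive material (httpd.conf,
#     firewall rules, PHP sources, phpMyAdmin's config.inc.php), so it is
#     created readable by its owner only.

echo "This is the Spring 2007 version for CIS226AL using Centos 4.4"
echo "This is your final system grading script. It is quite simplistic, "
echo "but do NOT alter it, as I will expect things to come out in a "
echo "particular order, and if they do not, I will not grade your output"
echo "nor will I give you any credit for it."
echo "Now, before you continue, you must make sure that all your"
echo "assignments are DONE as well as the following"
echo "If you shut down sendmail, turn it back on!"
echo "ALSO, your NETWORK MUST BE UP TO CONTINUE"
echo "Your writediary program should be copied to /root and"
echo "Porsentryd should be in /etc/rc.d/init.d and set up"
echo "via chkconfig in run level 3"
echo "You can check the gradefile that is created as /root/gradefile,"
echo "if it looks good"
echo "Then edit gradespring2007 and remove the comment on the very last line"
echo "Or just attach the /root/gradefile to an email to me with thunderbird"

# Set this directory to where YOUR chkrootkit install is located.
# DO NOT put a / on the end of the path.
# The script runs chkrootkit from here with the privileges of whoever runs
# this script (normally root). Because the default lives under a user's
# home directory, make sure the directory and the chkrootkit script are
# owned by root and not writable by any other account.
chkrootdir=/home/philw/chkrootkit-0.47
# Path to your secure web Document Root
secureweb=/var/www/secure
# Path to your plain virtual host Document Root
plainvirt=/var/www/html
# Path to virtual host Document Root that prevents bandwidth stealing
bandwidthvirt=/var/www/microsoft
# Path to virtual host DocumentRoot that has password setup for the directory
passwdvirt=/var/www/bob
# Path to users home web directory
userdirpath=/home/philw/public_html
# Path to your phpmyadmin install
phpmyadmin=/var/www/secure/ridiculous

echo "Are you ready to continue? type y or n "
read -r choice
# Quoted so that an empty answer does not turn into a `[` syntax error.
if [ "$choice" = n ]; then
  echo "Please get everything ready and try again"
  exit 1
else
  echo "Let's get going then"
fi

echo "A gradefile will be created in the /root directory called"
echo "gradefile"
file=~/gradefile

# Keep the report private: a restrictive umask covers a freshly created
# file, and the chmod covers a gradefile left over from an earlier run
# (truncating with `>` keeps the old mode).
umask 077
# This line sets the date and wipes the gradefile clean
date > "$file"
chmod 600 "$file"

echo "What is your name?"
read -r student
echo "STUDENT NAME" >> "$file"
echo "$student" >> "$file"
echo "Spring 2007 Gradescript for CIS226AL" >> "$file"
echo "Stops at portSentry, newuser script to be emailed seperately" >> "$file"
echo "************************************************" >> "$file"
date >> "$file"
echo "******************************************************" >> "$file"

echo "PRINTER CONFIGURATION" >> "$file"
cat /etc/cups/printers.conf >> "$file"
echo "Done grading Printer configuration"
echo >> "$file"
echo "*****************************************************" >> "$file"

echo "Checking to see if runlevel 3 is properly set up"
echo "Check to see that vsftpd, httpd is in runlevel 3" >> "$file"
echo "And check that mysql, ntp are also in runlevel 3" >> "$file"
echo "And that Nessus was added as well, though not necessarily started" >> "$file"
echo " and that portmap, netfs, pcmcia etc are NOT" >> "$file"
ls /etc/rc.d/rc3.d/ >> "$file"
echo "********" >> "$file"

echo "is there a file in /var/ftp/pub?" >> "$file"
ls -a /var/ftp/pub >> "$file"
echo "Look to see if anonymous ftp is on in vsftpd.conf" >> "$file"
cat /etc/vsftpd/vsftpd.conf >> "$file"
echo "*****************************************************" >> "$file"
echo >> "$file"

echo "CHECK resolv.conf" >> "$file"
cat /etc/resolv.conf >> "$file"
echo >> "$file"
date >> "$file"
echo >> "$file"
echo "****************************************************" >> "$file"

echo "CHECKING VARIOUS RPMS THEY HAD TO INSTALL" >> "$file"
echo >> "$file"
rpm -qf /etc/snort/snort.conf >> "$file"
echo "***************************************************" >> "$file"

echo "Checking chkrootkit installation" >> "$file"
"$chkrootdir"/chkrootkit >> "$file"
echo "***************************************" >> "$file"

echo "Checking to see if the repos are setup right" >> "$file"
cat /etc/yum.repos.d/* >> "$file"
echo "Did they update to php 5, mysql 5 etc ? " >> "$file"
# yum check-update exits 0 when nothing is pending, 100 when updates are
# available and 1 on error (for example when the repositories cannot be
# reached). Report an error as such instead of as "updates pending".
yum check-update
updates=$?
case "$updates" in
  0)
    echo "All updates are installed via YUM " >> "$file"
    ;;
  100)
    echo "There are still updates that should be installed!!" >> "$file"
    ;;
  *)
    echo "yum check-update failed with exit status $updates, update state unknown" >> "$file"
    ;;
esac
# Quoted so the shell does not expand the pattern against files in the
# current directory before yum sees it.
yum list 'php-*' >> "$file"
echo "***************************************" >> "$file"

echo "checking kernel version" >> "$file"
ls -l /boot >> "$file"
uname -a >> "$file"
echo "******************************************************" >> "$file"

echo "CHECKING PORTSENTRY SETUP" >> "$file"
grep iptable /usr/local/psionic/portsentry2/portsentry.conf >> "$file"
echo "Checking portsentry.ignore" >> "$file"
cat /usr/local/psionic/portsentry2/portsentry.ignore >> "$file"
echo >> "$file"
echo "IS PORTSENTRY started IN RC.LOCAL?" >> "$file"
echo "And is the proc setting in RC.LOCAL?" >> "$file"
cat /etc/rc.d/rc.local >> "$file"
echo >> "$file"
echo "***********************************************" >> "$file"

echo " HTTPD.CONF!! " >> "$file"
echo "THIS IS A BIGGY!! A copy of the httpd.conf file" >> "$file"
echo "Looking for the following items: " >> "$file"
echo "1. the filename.inc protection " >> "$file"
echo "2. the userdir configuration " >> "$file"
echo "3. Virtual Hosts setups " >> "$file"
echo "3a. One with bandwidth stealing " >> "$file"
# Was `>> $$file`, which expands to "<shell PID>file" and wrote this line to
# a stray file in the current directory instead of the gradefile.
echo "3b. One with a directory password" >> "$file"
echo "***********************************************" >> "$file"
cat /etc/httpd/conf/httpd.conf >> "$file"
echo "***********************************************" >> "$file"
echo "***********************************************" >> "$file"

echo " SSL.CONF " >> "$file"
tail -n 170 /etc/httpd/conf.d/ssl.conf | head -n 20 >> "$file"
echo "********************************************" >> "$file"
date >> "$file"

echo "Contents of Secure web directory $secureweb" >> "$file"
ls -l "$secureweb" >> "$file"
echo "******" >> "$file"
cat "$secureweb"/*.html >> "$file"
cat "$secureweb"/*.php >> "$file"

echo "Contents of Plain virtual host directory $plainvirt" >> "$file"
ls -l "$plainvirt" >> "$file"
echo "******" >> "$file"
cat "$plainvirt"/*.html >> "$file"
cat "$plainvirt"/*.php >> "$file"

echo "Contents of Bandwidth Prevention Virtual Host $bandwidthvirt" >> "$file"
ls -l "$bandwidthvirt" >> "$file"
echo "******" >> "$file"
cat "$bandwidthvirt"/*.html >> "$file"
cat "$bandwidthvirt"/*.php >> "$file"

echo "Contents of password protected virtual host $passwdvirt" >> "$file"
ls -l "$passwdvirt" >> "$file"
echo "******" >> "$file"
cat "$passwdvirt"/*.html >> "$file"
cat "$passwdvirt"/*.php >> "$file"

echo "Contents of Users Web Directory $userdirpath" >> "$file"
ls -l "$userdirpath" >> "$file"
echo "******" >> "$file"
cat "$userdirpath"/*.html >> "$file"
cat "$userdirpath"/*.php >> "$file"
echo "***********************************************************************" >> "$file"

# config.inc.php may hold database credentials and the cookie secret; they
# are copied into the gradefile verbatim, so treat the gradefile as a
# secret and change those values once grading is over.
echo "CHECKING PHPMYADMIN CONFIG.INC.PHP file!" >> "$file"
cat "$phpmyadmin"/config.inc.php >> "$file"
echo "***********************************************************************" >> "$file"

echo "Checking Tripwire Setup" >> "$file"
ls -l /etc/tripwire >> "$file"
echo "***********************************************************************" >> "$file"

echo "Checking Firewall Setup!!" >> "$file"
/sbin/iptables -t filter -L -v -n >> "$file"
echo "*********" >> "$file"
echo "Contents of rc.local file" >> "$file"
# cat instead of less: a pager has no business in a redirected,
# non-interactive write.
cat /etc/rc.d/rc.local >> "$file"
echo "***********************************************************************" >> "$file"

echo "done check /root/gradefile "
echo "If all goes well, re run the script after removing the # on the "
echo "very last line. Sendmail should be running, otherwise"
echo "use the redhat, server settings, services to start sendmail"
echo "or you can just copy the last line and run it on the command line"
echo "Additionally, you can just send it to me as an attachment with Thunderbird"

# The line below mails the whole gradefile, including any credentials
# captured above. Mail handed to the local sendmail is not guaranteed to be
# encrypted in transit, so rotate those credentials after submitting.
#cat /root/gradefile | mail waclawski@mail.mc.maricopa.edu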