Linux Security script
A simple, interactive Bash script designed to automate basic security auditing and maintenance tasks on Linux systems. It provides a quick way to check and address common security configurations, making it easier to maintain a secure baseline.
This script is compatible with Debian/Ubuntu and Fedora/RHEL-based distributions.
Features
- System Updates: Automatically checks for and applies the latest package updates and upgrades (apt or dnf).
- Firewall Check: Verifies the status of UFW or firewalld and prompts to enable it if it's inactive.
- Failed Login Detection: Scans logs (/var/log/auth.log or journalctl) for recent failed SSH login attempts.
- SSH Hardening: Checks /etc/ssh/sshd_config for insecure settings like root login and password authentication, with an option to fix them automatically.
- File Permissions Audit: Verifies that critical files like /etc/passwd and /etc/shadow have the correct permissions.
- World-Writable File Scan: Scans the filesystem for world-writable files, which can be a security risk.
- Unnecessary Services Check: Identifies potentially insecure and unnecessary services like telnet and vsftpd.
- Colored Reporting: Provides a clear, color-coded summary of the audit results (Green for OK, Red for Warnings).
- Logging: All actions and results are logged to a file for later review.
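
An added example, not taken from system_check.sh, of how an SSH Hardening check like the one listed above can resolve the effective value of a setting instead of grepping for a literal string. The function names and the sample config are constructed for illustration; the defaults are the ones documented in sshd_config(5), and treating anything other than `no` as a warning is an assumed policy.

```bash
#!/usr/bin/env bash
# Added example, not part of system_check.sh.
# sshd uses the FIRST value it reads for a keyword, matches keywords
# case-insensitively and ignores comment lines, so a plain
# `grep "PermitRootLogin yes"` can both miss problems and raise false alarms.

# effective_value FILE KEYWORD DEFAULT -> effective global value, lowercased
effective_value() {
    awk -v key="$2" -v def="$3" '
        BEGIN { key = tolower(key) }
        /^[ \t]*#/             { next }   # comment line
        tolower($1) == "match" { exit }   # Match blocks are conditional: stop
        tolower($1) == key     { val = tolower($2); exit }
        END { print (val != "" ? val : def) }
    ' "$1"
}

# audit_sshd FILE -> one OK/WARN line per setting.
# Defaults are those documented in sshd_config(5) for current OpenSSH.
audit_sshd() {
    root=$(effective_value "$1" PermitRootLogin prohibit-password)
    pass=$(effective_value "$1" PasswordAuthentication yes)
    if [ "$root" = no ]; then echo "OK   PermitRootLogin=$root"
    else echo "WARN PermitRootLogin=$root"; fi
    if [ "$pass" = no ]; then echo "OK   PasswordAuthentication=$pass"
    else echo "WARN PasswordAuthentication=$pass"; fi
}

# Constructed sample config (not from a real host).
SAMPLE=$(mktemp)
trap 'rm -f "$SAMPLE"' EXIT
cat > "$SAMPLE" <<'EOF'
#PermitRootLogin yes
permitrootlogin no
PermitRootLogin yes
#PasswordAuthentication no
Match User backup
    PasswordAuthentication no
EOF

audit_sshd "$SAMPLE"
```

This reads a single file and does not follow Include directives; on a live host, `sudo sshd -T` prints the configuration sshd actually resolves.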
Requirements
- A Linux system based on Debian/Ubuntu or Fedora/RHEL.
- bash installed (which is default on most systems).
- sudo privileges are required for most operations, such as updating packages, enabling the firewall, and modifying configuration files.
Installation & Setup
Download the script: You can either clone the repository or download the system_check.sh script directly.
Make the script executable: Open your terminal and run the following command to give the script execution permissions:
chmod +x system_check.sh
How to Run and Use the Script
It is highly recommended to run the script with sudo to allow it to perform all checks and apply fixes correctly.
sudo ./system_check.sh
Upon running, you will be greeted with an interactive menu:
--- Linux Security Audit Menu ---
- Update System Packages (sudo required)
- Check Firewall Status (sudo required)
- Run Full Security Audit
- Exit
Select an option [1-4]:
Menu Options
- Update System Packages: This will run apt update && apt upgrade or dnf update to ensure your system is up-to-date with the latest security patches.
- Check Firewall Status: This checks if UFW or firewalld is active. If not, it will ask for your permission to enable it, automatically allowing SSH connections to prevent you from being locked out.
- Run Full Security Audit: This is the most comprehensive option. It runs all the checks in sequence: Firewall, Failed Logins, SSH Config, File Permissions, Unnecessary Services, and World-Writable files.
- Exit: Terminates the script.
Logging
The script generates a log file that records all the checks performed and their results. This is useful for tracking your system's security status over time.
If you run the script with sudo, the log file is located at: /var/log/security_audit.log
If you run it as a regular user, the log file is located in your home directory: ~/security_audit.log
Benefits
- Automation: Saves time by automating repetitive security checks.
- Ease of Use: The interactive menu makes it accessible even for users who are not security experts.
- Quick Security Snapshot: Provides a fast and effective way to assess the basic security posture of a Linux server or desktop.
- Proactive Hardening: Helps you identify and fix common security vulnerabilities before they can be exploited.
- Consistency: Ensures a consistent set of security checks is performed regularly across multiple systems.
Disclaimer
This script is a tool for basic security auditing and is not a substitute for a comprehensive security assessment. It should be used as part of a broader security strategy. Always back up critical files before making changes to your system configuration.