Basic Security Checks
Tags: beginner, security, bash, hardening, audit
Develop a comprehensive security audit script for Linux server hardening
Learning Objectives
- Understand common system security vulnerabilities and mitigations
- Learn to perform basic security audits on Linux systems
- Develop security monitoring and reporting skills
- Implement server hardening best practices
- Create actionable security recommendations
Requirements
You are required to write a Bash script security-check.sh that performs a comprehensive security audit on a Linux system:
- User Account Security
  - List all accounts, highlighting those with UID 0 (root equivalent)
  - Identify users with empty or weak password hashes
  - List users with sudo privileges
  - Check password aging policies
  - Detect accounts with duplicate UIDs
- SSH Configuration Audit
  - Check /etc/ssh/sshd_config
  - Flag if default port 22 is in use
  - Verify root login is disabled
  - Check authentication method (password vs. key-based)
  - Verify SSH protocol version is 2
  - Check idle timeout settings
- Firewall Verification
  - Check if UFW/iptables/firewalld is installed and running
  - Verify default policies
  - List open ports and allowed services
  - Flag overly permissive rules (0.0.0.0/0)
  - Verify rate limiting on SSH
- System Security Checks
  - Detect running services and open ports (ss, netstat)
  - Verify critical file permissions (/etc/passwd, /etc/shadow)
  - Check for world-writable files in critical directories
  - Verify SUID/SGID binaries
  - Check for available security updates
- Logging and Monitoring
  - Verify system logging is configured
  - Review failed login attempts
  - Check for unauthorized cron jobs
  - Verify disk usage (full disks prevent logging)
Stretch Goals
- Generate a security score (0–100) based on findings
- Create an HTML report with color-coded severity levels
- Add remediation recommendations for each finding
- Add rootkit scanning using rkhunter
Deliverables
- security-check.sh implementing all required checks
- Example output from a test system
- Documentation covering: usage, tests performed, result interpretation, and remediation steps
References
- How To Secure A Linux Server
- CIS Linux Benchmarks
- NIST Security Controls
- SSH Hardening Guide
- OpenSCAP Security Compliance
- Linux Security Checklist
Once you complete this task you will be familiar with basic Linux security auditing - essential knowledge for maintaining secure infrastructure and a direct prerequisite for the cloud and infrastructure tasks ahead.
Submit Your Solution
Completed this project? Share your solution with the community!
- Push your code to a GitHub repository
- Open an issue on our GitHub repo with your solution link
- Share on X with the hashtag #DevOpsDiary
