#!/bin/bash

sudo clear
echo 'Updating...'
sudo apt install -y --ignore-missing ufw gufw clamav clamtk bleachbit chkrootkit rkhunter fail2ban portsentry libapache2-mod-security2 
sudo apt install -y --ignore-missing snort
sudo apt install -y --ignore-missing suricata
sudo suricata-update 
#wget https://servzero.net/arc/tools/f2b/jail.local; sudo mv jail.local /etc/fail2ban/
#wget https://servzero.net/arc/tools/f2b/ufw.f2b; sudo mv ufw.f2b ufw.f2b.conf; sudo mv ufw.f2b.conf /etc/fail2ban/filter.d/
sudo cp /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf; sudo sh -c 'echo "SecRuleEngine DetectionOnly" >> /etc/modsecurity/modsecurity.conf'
sudo ufw allow ssh
sudo ufw reload
sudo ufw enable
sudo systemctl stop clamav-freshclam.service
sudo freshclam
sudo systemctl start clamav-freshclam.service
echo 'Scanning...'
clamscan --bell -raoiz --bytecode --scan-mail --phishing-sigs --cross-fs --log=cav.log --heuristic-alerts --phishing-scan-urls #--detect-pua #--detect-structured #-v
sudo chkrootkit
sudo rkhunter -c -x --sk
echo 'Done.'
echo 'Cleaning...'
bleachbit --clean system.tmp system.cache system.trash deepscan.tmp deepscan.thumbs_db deepscan.ds_store 
echo 'Done.'
echo 'Checking Firewall...'
sudo ufw status
sudo tail -f /var/log/fail2ban.log