29 lines
1.3 KiB
Bash
29 lines
1.3 KiB
Bash
#!/bin/bash
|
|
|
|
sudo clear
|
|
echo 'Updating...'
|
|
sudo apt install -y --ignore-missing ufw gufw clamav clamtk bleachbit chkrootkit rkhunter fail2ban portsentry libapache2-mod-security2
|
|
sudo apt install -y --ignore-missing snort
|
|
sudo apt install -y --ignore-missing suricata
|
|
sudo suricata-update
|
|
#wget https://servzero.net/arc/tools/f2b/jail.local; sudo mv jail.local /etc/fail2ban/
|
|
#wget https://servzero.net/arc/tools/f2b/ufw.f2b; sudo mv ufw.f2b ufw.f2b.conf; sudo mv ufw.f2b.conf /etc/fail2ban/filter.d/
|
|
sudo cp /etc/modsecurity/modsecurity.conf-recommended /etc/modsecurity/modsecurity.conf; sudo sh -c 'echo "SecRuleEngine DetectionOnly" >> /etc/modsecurity/modsecurity.conf'
|
|
sudo ufw allow ssh
|
|
sudo ufw reload
|
|
sudo ufw enable
|
|
sudo systemctl stop clamav-freshclam.service
|
|
sudo freshclam
|
|
sudo systemctl start clamav-freshclam.service
|
|
echo 'Scanning...'
|
|
clamscan --bell -raoiz --bytecode --scan-mail --phishing-sigs --cross-fs --log=cav.log --heuristic-alerts --phishing-scan-urls #--detect-pua #--detect-structured #-v
|
|
sudo chkrootkit
|
|
sudo rkhunter -c -x --sk
|
|
echo 'Done.'
|
|
echo 'Cleaning...'
|
|
bleachbit --clean system.tmp system.cache system.trash deepscan.tmp deepscan.thumbs_db deepscan.ds_store
|
|
echo 'Done.'
|
|
echo 'Checking Firewall...'
|
|
sudo ufw status
|
|
sudo tail -f /var/log/fail2ban.log
|