Tips-Of-Mine/Hardening-Linux-Debian-Ubuntu
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Hardening-Linux-Debian-Ubuntu/main.sh
hcornet 193689ed13 Good : full update
2025-04-25 08:46:09 +02:00

96 lines
2.5 KiB
Bash
Raw Blame History

#!/bin/bash
# =============================================================================
# Linux Security Hardening Script for Debian/Ubuntu
# =============================================================================
# Script version
VERSION="1.0.0"
# Set script directory
SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
# Source common functions and variables
source "$SCRIPT_DIR/common.sh"
# Ensure the script is run as root
if [ "$EUID" -ne 0 ]; then
echo " * This script must be run with sudo privileges."
echo " * Please run it again using: sudo $0"
echo
exit 1
fi
# Check if the system is Debian or Ubuntu
if ! grep -q -E "Debian|Ubuntu" /etc/issue && ! grep -q -E "Debian|Ubuntu" /etc/os-release; then
echo "This script is designed for Debian or Ubuntu systems only."
exit 1
fi
# Create necessary directories
create_directories
# Display banner
display_banner
# Display OS information
display_os_info
# Main execution
log_message "INFO" "Starting security hardening process"
# Initialize progress
TOTAL_STEPS=14
CURRENT_STEP=0
# Update and configure package management
$SCRIPT_DIR/modules/package_management.sh "Configuring package management"
# Configure SSH
$SCRIPT_DIR/modules/ssh_hardening.sh "Hardening SSH configuration"
# Configure firewall
$SCRIPT_DIR/modules/firewall.sh "Configuring firewall rules"
# Setup fail2ban
$SCRIPT_DIR/modules/fail2ban.sh "Setting up fail2ban"
# Configure system auditing
$SCRIPT_DIR/modules/auditing.sh "Configuring system auditing"
# Setup DNS
$SCRIPT_DIR/modules/dns_config.sh "Configuring DNS settings"
# Configure NTP
$SCRIPT_DIR/modules/ntp.sh "Configuring NTP"
# Setup automatic updates
$SCRIPT_DIR/modules/auto_updates.sh "Setting up automatic updates"
# Install and configure ClamAV
$SCRIPT_DIR/modules/antivirus.sh "Installing and configuring ClamAV"
# Setup custom prompt
$SCRIPT_DIR/modules/custom_prompt.sh "Setting up custom system prompt"
# Install GLPI agent
$SCRIPT_DIR/modules/glpi_agent.sh "Installing GLPI agent"
# Install Wazuh agent
$SCRIPT_DIR/modules/wazuh_agent.sh "Installing Wazuh agent"
# Setup monitoring (SNMP and NRPE)
$SCRIPT_DIR/modules/monitoring.sh "Setting up monitoring services"
# Apply additional security measures
$SCRIPT_DIR/modules/additional_hardening.sh "Applying additional security measures"
# Display completion message
echo
log_message "SUCCESS" "Security hardening completed successfully!"
echo "Log file available at: $LOG_FILE"
echo "System backup files stored at: $BACKUP_DIR"
echo
exit 0
Reference in New Issue View Git Blame Copy Permalink