直接上脚本
该脚本并不能检测出服务器有什么性能问题或者安全问题,只是简单地展示检查结果;至于服务器是否有问题,还需要执行者自行根据结果去分析、判断。另外,脚本开头用 exec 2>/dev/null 丢弃了所有错误输出,因此某一项输出为空并不一定代表没有问题,也可能是命令不存在或权限不足(例如读取 /etc/sudoers 需要 root)。
具体内容,如下,有详细注释。
#!/bin/bash
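# stderr is discarded by default so that missing tools and unreadable files do
# not clutter the report. The cost: a check that failed prints nothing and looks
# exactly like a check that found nothing. Set SHOW_ERRORS=1 to keep stderr.
# The warning below goes to stdout so it is visible either way; /etc/sudoers is
# normally readable by root only, and ss shows the owning process of other
# users' sockets only to root.
if [ "$(id -u)" -ne 0 ]; then
  echo "warning: not running as root; some checks will show partial or empty results"
fi
[ -n "${SHOW_ERRORS:-}" ] || exec 2>/dev/null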
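# Check users: print account and login information for manual review.
# Reads:   /etc/passwd, /etc/sudoers, /etc/sudoers.d/*, last(1), who(1)
# Outputs: five coloured sections on stdout
# Note:    the sudoers files are normally readable by root only; as another
#          user that section is simply empty.
check_users(){
  echo -e "\e[0;49;95m##########check users who can login system##########\e[2;49;32m"
  # Test the shell field ($7) itself instead of matching the whole passwd line,
  # and list every account whose shell is not a known non-login program, so
  # accounts using zsh, dash, ksh or a custom shell are not left out. An empty
  # shell field is listed too (login then falls back to the default shell).
  awk -F: '$7 !~ /\/(nologin|false|sync|halt|shutdown)$/{printf "%s ",$1}END{print "\n"}' /etc/passwd
  echo -e "\e[0;49;95m##########check super users##########\e[2;49;32m"
  # UID 0 or primary GID 0. Supplementary members of GID 0 live in /etc/group
  # and are not covered here.
  awk -F: '$3==0||$4==0{printf "%s ",$1}END{print "\n"}' /etc/passwd
  echo -e "\e[0;49;95m##########check remote login users##########\e[2;49;32m"
  # Rewrite only the ISO timestamp (date "T" time, any UTC offset) instead of
  # every "T" and a hard-coded +08:00, and drop the pts/N column for any N.
  last --limit 10 --ip --time-format iso|grep pts \
    |sed -E -e 's/([0-9]{4}-[0-9]{2}-[0-9]{2})T([0-9]{2}:[0-9]{2}:[0-9]{2})[+-][0-9]{2}:[0-9]{2}/\1 \2/g' \
            -e 's/[ ]+pts\/[0-9]+[ ]+/ /g'
  echo -e "\e[0;49;95m##########check sudoers##########\e[2;49;32m"
  # Include the drop-in directory: rules placed in /etc/sudoers.d/ grant the
  # same privileges as rules in /etc/sudoers. With several input files grep
  # prefixes each match with its file name.
  # NOTE(review): only rules written as "ALL=(ALL..." are shown; a rule without
  # a run-as list (e.g. "user ALL=NOPASSWD: ALL") is not matched.
  grep -v "^#\|^$" /etc/sudoers /etc/sudoers.d/* | grep "ALL=(ALL"
  echo -e "\e[0;49;95m##########check current login users##########\e[2;49;32m"
  who
  echo
}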
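# Check scheduled tasks: system crontab/anacrontab, cron drop-in files,
# per-user spool files and systemd timers.
# Outputs: two coloured sections on stdout
check_tasks(){
  echo -e "\e[0;49;95m##########check crontab/anacrontab##########\e[2;49;32m"
  # Show every active line. Filtering on a leading digit 1-9 hid entries that
  # start with "*", "0", "*/5" or "@reboot", which are ordinary cron schedules.
  grep -Ev '^[[:space:]]*(#|$)' /etc/crontab /etc/anacrontab
  # Modification date, time and path of each file under /etc/cron.d,
  # /etc/cron.daily and the other /etc/cron* directories.
  find /etc/cron*/* -type f -exec ls -l --full-time {} \;|awk '{print $6,$7,$9}'|sed -E 's/\.[0-9]{9}//g'
  # Match on the path, not the file name: per-user crontabs are stored as
  # /var/spool/cron/<user> or /var/spool/cron/crontabs/<user>, so their file
  # names do not contain "cron".
  find /var/spool/ -type f -path '*cron*' -exec ls -lh --full-time {} \;|awk '{print $6,$7,$9}'|sed -E 's/\.[0-9]{9}//g'
  echo -e "\e[0;49;95m##########check system timer##########\e[2;49;32m"
  # Drop blank lines and the trailing "N timers listed." summary.
  systemctl list-timers --all|grep -Ev "^[1-9]|^$"
  echo
}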
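# Check user processes: processes holding TCP connections and processes using
# more than 1% CPU or memory.
# Outputs: two coloured sections on stdout
# Note:    ss prints the owning process of another user's socket only to root.
check_processes(){
  # Processes with network connections: process, local address, peer address.
  echo -e "\e[0;49;95m##########check progress using network##########\e[2;49;32m"
  ss -ntp --no-header|awk '$6 !=""{print $6,$4,$5}'
  # Resource-heavy processes, highest CPU first, then highest memory.
  echo -e "\e[0;49;95m##########check process which use cpu,mem much more##########\e[2;49;32m"
  # Skip only the ps header row and kernel threads ("[name]"). Requiring the
  # command to start with "/" hid anything launched by bare name or relative
  # path, however much CPU it used. Only the first word of the command is
  # printed; arguments are left out.
  ps -eo pid,euid,euser,%cpu,%mem,cmd --sort=-%cpu,-%mem \
    |awk 'BEGIN{print "pid\tuid\tuser\t%cpu\t%mem\tcmd"}
          NR>1 && $6 !~ /^\[/ && ($4>1||$5>1){print $1"\t"$2"\t"$3"\t"$4"\t"$5"\t"$6}'
  echo
}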
# Check disk usage: one coloured heading, then the lsblk table with size,
# free/used space, use percentage and mount point per block device.
check_disks(){
  local title='check disk space'
  printf '\e[0;49;95m##########%s##########\e[2;49;32m\n' "$title"
  lsblk --output NAME,SIZE,FSAVAIL,FSUSED,FSUSE%,MOUNTPOINT
  printf '\n'
}
# Check memory usage: coloured heading followed by free(1) in human-readable
# units with a totals row.
check_memory(){
  local title='check memmory'
  printf '\e[0;49;95m##########%s##########\e[2;49;32m\n' "$title"
  free -h -t
}
# Check CPU load: prints the last three fields of uptime(1), i.e. the
# 1, 5 and 15 minute load averages exactly as uptime formats them.
check_cpu(){
  local title='check cpu'
  printf '\e[0;49;95m##########%s##########\e[2;49;32m\n' "$title"
  uptime | awk '{ printf "%s %s %s\n", $(NF-2), $(NF-1), $NF }'
  printf '\n'
}
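# Check network: TCP connection counts per peer address, per state, per local
# and remote port, plus the list of listening TCP/UDP sockets.
# Outputs: five coloured sections on stdout
# Note:    ss prints the owning process of another user's socket only to root.
check_network(){
  # Connections per peer address. The port is removed by stripping the last
  # ":..." component, which keeps the address intact and also works for
  # bracketed IPv6 peers. (substr() with a start index of 0 cut the last
  # character off the address in gawk, merging e.g. x.x.x.14 into x.x.x.1.)
  echo -e "\e[0;49;95m##########check ip totals##########\e[2;49;32m"
  ss -ant --no-header|awk '$1!="LISTEN"{ip=$5;sub(/:[^:]*$/,"",ip);++s[ip]}END{for (i in s) printf "%10s\t%15s\n",i,s[i]}'|sort -nrk2
  # Sockets per TCP state.
  echo -e "\e[0;49;95m##########check tcp state##########\e[2;49;32m"
  ss -ant --no-header|awk '{++s[$1]}END{for (i in s) printf "%10s\t%15s\n",i,s[i]}'|sort -nrk2
  # Established connections per local port. The state is compared, not
  # assigned ("$1 = /ESTAB/" overwrote the field), and the port is whatever
  # follows the last ":" so IPv6 addresses are handled.
  echo -e "\e[0;49;95m##########check local tcp port totals##########\e[2;49;32m"
  ss -ant --no-header|awk '$1=="ESTAB"{port=$4;sub(/.*:/,"",port);++s[port]}END{for (i in s) printf "%10s\t%15s\n",i,s[i]}'|sort -nrk2
  # Established connections per remote port.
  echo -e "\e[0;49;95m##########check remote tcp port totals##########\e[2;49;32m"
  ss -ant --no-header|awk '$1=="ESTAB"{port=$5;sub(/.*:/,"",port);++s[port]}END{for (i in s) printf "%10s\t%15s\n",i,s[i]}'|sort -nrk2
  # Listening sockets. Every listener is printed; when ss gives no process
  # column (socket owned by another user and not running as root) a "-" is
  # shown instead of hiding the port.
  echo -e "\e[0;49;95m##########check local tcp/udp listening port##########\e[2;49;32m"
  ss -nlutp --no-header|awk '{printf("%-5s%-10s%-20s%-s\n",$1,$2,$5,($7==""?"-":$7))}'
  echo
}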
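# Check setuid files: list regular files that carry the setuid bit.
# Arguments: optional directories to scan; with none, the standard binary
#            directories are scanned.
# Outputs:   coloured heading, then one path per line
# Note:      setgid files are not listed, and locations outside the scanned
#            directories (home directories, /tmp, /opt, ...) are only covered
#            when passed as arguments.
check_suid(){
  local -a roots=()
  local dir
  if (( $# == 0 )); then
    for dir in /bin /sbin /usr/bin /usr/sbin /usr/local/bin /usr/local/sbin; do
      # Where /bin and /sbin are symlinks into /usr, skip them so each file is
      # reported once.
      [[ -L $dir ]] || roots+=("$dir/")
    done
  else
    roots=("$@")
  fi
  echo -e "\e[0;49;95m##########check sid privilege file##########\e[2;49;32m"
  # -perm -4000 matches on the setuid bit alone. Also requiring owner-execute
  # (-4100) missed files the owner cannot run but group/other can, which still
  # execute with the owner's privileges.
  if (( ${#roots[@]} > 0 )); then
    find "${roots[@]}" -type f -perm -4000
  fi
  echo
}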
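# Check firewall: print the firewalld configuration reported by
# "firewall-cmd --list-all".
# Outputs: coloured heading, then the configuration or a one-line reason why
#          it could not be shown
check_firewall(){
  echo -e "\e[0;49;95m##########check firewall config##########\e[2;49;32m"
  # Say so explicitly when nothing could be read: with stderr discarded, an
  # empty section would otherwise be indistinguishable from "no rules".
  if ! command -v firewall-cmd >/dev/null; then
    echo "firewall-cmd not found: firewalld rules were not checked (the host may use nftables or iptables directly)"
  elif ! firewall-cmd --list-all; then
    echo "firewall-cmd failed: firewalld may not be running, or root privileges are required"
  fi
  echo
}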
# Check environment variables: prints the environment of this script's own
# process, leaving out any line that contains "color" (case-insensitive).
# The output can include tokens or passwords kept in environment variables,
# so treat a saved or shared report as sensitive.
check_env(){
  local title='check env'
  printf '\e[0;49;95m##########%s##########\e[2;49;32m\n' "$title"
  env | grep -v -i -e color
  printf '\n'
}
# Check services: prints the unit name of every service unit file that
# systemctl reports as enabled, one per line.
check_service(){
  local title='check enabled srevice'
  printf '\e[0;49;95m##########%s##########\e[2;49;32m\n' "$title"
  # One awk pass: skip blank lines and lines starting with a digit 1-9 (the
  # "N unit files listed." summary), keep lines mentioning "enabled", and
  # print only the first column.
  systemctl list-unit-files --type service --state enabled --no-pager \
    | awk '!/^[1-9]/ && !/^$/ && /enabled/ { print $1 }'
  printf '\n'
}
# Check boot scripts: prints the lines of /etc/rc.local that do not start
# with "#". Only this one file is read; other start-up mechanisms are not
# covered by this function.
check_boot_scripts(){
  local title='check boot scripts'
  printf '\e[0;49;95m##########%s##########\e[2;49;32m\n' "$title"
  grep -v "^#" /etc/rc.local
  printf '\n'
}
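# Check everything: run every performance and security check once, in order,
# without further prompts. Calling check_performance and check_safe here only
# opened their interactive sub-menus and waited for more key presses instead
# of running the checks.
check_all(){
  # Performance checks.
  check_processes
  check_disks
  check_memory
  check_cpu
  # Security checks (check_processes already ran above).
  check_users
  check_tasks
  check_service
  check_boot_scripts
  check_env
  check_firewall
  check_suid
  check_network
  echo
}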
# Pause: print a prompt, wait for a single key press without echoing it,
# then end the line.
pause(){
  printf '%s' "pess any key to continue..."
  read -n 1 -s
  printf '\n'
}
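# Performance sub-menu: show the menu, read one key and run the matching
# check until "q" is pressed.
# Keys: 1 processes, 2 disks, 3 memory, 4 cpu, a all four, q back.
check_performance(){
  local choice
  while true; do
    show_performance_menu
    echo -n "[performance]:"
    # Leave the loop when stdin is closed or exhausted; without this the menu
    # was reprinted forever because a failed read matches no case branch.
    read -r -s -n 1 choice || { echo; break; }
    echo
    case "$choice" in
      1)
        check_processes
        pause
        ;;
      2)
        check_disks
        pause
        ;;
      3)
        check_memory
        pause
        ;;
      4)
        check_cpu
        pause
        ;;
      a)
        check_processes
        check_disks
        check_memory
        check_cpu
        ;;
      q)
        break
        ;;
    esac
  done
}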
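# Security sub-menu: show the menu, read one key and run the matching check
# until "q" is pressed.
# Keys: 1 users, 2 scheduled tasks, 3 processes, 4 network, 5 setuid files,
#       6 firewall, 7 environment, 8 services, 9 boot scripts, a all, q back.
check_safe(){
  local choice
  while true; do
    show_safe_menu
    echo -n "[safe]:"
    # Leave the loop when stdin is closed or exhausted; without this the menu
    # was reprinted forever because a failed read matches no case branch.
    read -r -s -n 1 choice || { echo; break; }
    echo
    case "$choice" in
      1)
        check_users
        pause
        ;;
      2)
        check_tasks
        pause
        ;;
      3)
        check_processes
        pause
        ;;
      4)
        check_network
        pause
        ;;
      5)
        check_suid
        pause
        ;;
      6)
        check_firewall
        pause
        ;;
      7)
        check_env
        pause
        ;;
      8)
        check_service
        pause
        ;;
      9)
        check_boot_scripts
        pause
        ;;
      a)
        check_users
        check_tasks
        check_processes
        check_service
        check_boot_scripts
        check_env
        check_firewall
        check_suid
        check_network
        ;;
      q)
        break
        ;;
    esac
  done
}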
# Security menu: coloured heading followed by the eleven menu entries
# (keys 1-9, a, q), one per line.
show_safe_menu(){
  printf '\e[0;49;95m##########%s##########\e[2;49;32m\n' 'check linux system'
  printf '%s\n' \
    '1......检查用户' \
    '2......检查任务计划' \
    '3......检查用户进程' \
    '4......检查网络' \
    '5......检查拥有suid权限的可执行文件' \
    '6......检查防火墙' \
    '7......检查系统环境变量' \
    '8......检查系统服务' \
    '9......检查启动项脚本' \
    'a......检查所有项' \
    'q......返回上级菜单'
}
# Performance menu: coloured heading followed by the six menu entries
# (keys 1-4, a, q), one per line.
show_performance_menu(){
  printf '\e[0;49;95m##########%s##########\e[2;49;32m\n' 'check linux system'
  printf '%s\n' \
    '1......检查用户进程' \
    '2......检查磁盘占用' \
    '3......检查内存使用情况' \
    '4......检查cpu使用情况' \
    'a......检查所有项' \
    'q......返回上级菜单'
}
# Main menu: coloured heading followed by the four top-level entries
# (keys 1, 2, a, q), one per line.
show_menu(){
  printf '\e[0;49;95m##########%s##########\e[2;49;32m\n' 'check linux system'
  printf '%s\n' \
    '1......检查性能项目' \
    '2......检查安全项目' \
    'a......检查所有项' \
    'q......退出'
}
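# Main loop: show the top-level menu, read one key and dispatch.
# Keys: 1 performance sub-menu, 2 security sub-menu, a run check_all and
#       pause, q exit the script.
run(){
  local choice
  while true; do
    show_menu
    echo -n "[main]:"
    # Exit cleanly when stdin is closed or exhausted; without this the menu
    # was reprinted forever because a failed read matches no case branch.
    read -r -s -n 1 choice || { echo; exit 0; }
    echo
    case "$choice" in
      1)
        check_performance
        ;;
      2)
        check_safe
        ;;
      a)
        check_all
        pause
        ;;
      q)
        exit
        ;;
    esac
  done
}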
# Entry point: start the interactive main menu.
run
运行效果
运行结果有2级菜单,如下为主菜单
如果选择1,进入性能检查项目子菜单,如图
继续输入菜单序号,则进入具体检查项目
如果选择2,进入安全项目检查子菜单,如图
继续输入菜单序号,则进入具体检查项目
具体检查内容及结果,若有兴趣可自行测试。