Subhasis180689

## cisscanfix.sh
#!/bin/bash
#To set permissions on all existing log files.
find -L /var/log -type f -exec chmod g-wx,o-rwx {} +;
#TMOUT determines the shell timeout for users, where time is in seconds.
echo "export TMOUT=600" >> /etc/bashrc;
echo "export TMOUT=600" >> /etc/profile;
#/var/run/utmp file tracks all currently logged in users.
#The /var/log/wtmp file tracks logins, logouts, shutdown, and reboot events and /var/log/btmp keeps track of failed login attempts.
echo -e "-w /var/run/utmp -p wa -k session \n-w /var/log/wtmp -p wa -k logins \n-w /var/log/btmp -p wa -k logins" >> /etc/audit/rules.d/cisscan.rules;
#Capture events where the system date and/or time has been modified.Rationale Unexpected changes in system date and/or time could be a sign of malicious activity on the system.

## monitoring.sh
#!/bin/bash
## Get Host IP to be used in alertmanager and prometheus
ip=$(ifconfig | grep "inet " | grep 10 | awk '{print $2}')
## Create Folder for prometheus database
mkdir /prom-data
chmod 777 /prom-data/

## install grafana
yum install https://s3-us-west-2.amazonaws.com/grafana-releases/release/grafana-4.6.3-1.x86_64.rpm
systemctl enable grafana-server

## hardeningscan.sh
sed -i -e 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
sudo yum install ntp ntpdate -y
chkconfig ntpd on
ntpdate pool.ntp.org
systemctl start ntpd
sudo yum install perl -y
perl -npe 's/umask\s+0\d2/umask 077/g' -i /etc/bashrc
perl -npe 's/umask\s+0\d2/umask 077/g' -i /etc/csh.cshrc
echo "Idle users will be removed after 15 minutes"
echo "readonly TMOUT=900" >> /etc/profile.d/os-security.sh
	#!/bin/bash
	#To set permissions on all existing log files.
	find -L /var/log -type f -exec chmod g-wx,o-rwx {} +;
	#TMOUT determines the shell timeout for users, where time is in seconds.
	echo "export TMOUT=600" >> /etc/bashrc;
	echo "export TMOUT=600" >> /etc/profile;
	#/var/run/utmp file tracks all currently logged in users.
	#The /var/log/wtmp file tracks logins, logouts, shutdown, and reboot events and /var/log/btmp keeps track of failed login attempts.
	echo -e "-w /var/run/utmp -p wa -k session \n-w /var/log/wtmp -p wa -k logins \n-w /var/log/btmp -p wa -k logins" >> /etc/audit/rules.d/cisscan.rules;
	#Capture events where the system date and/or time has been modified.Rationale Unexpected changes in system date and/or time could be a sign of malicious activity on the system.
	#!/bin/bash
	## Get Host IP to be used in alertmanager and prometheus
	ip=$(ifconfig \| grep "inet " \| grep 10 \| awk '{print $2}')
	## Create Folder for prometheus database
	mkdir /prom-data
	chmod 777 /prom-data/

	## install grafana
	yum install https://s3-us-west-2.amazonaws.com/grafana-releases/release/grafana-4.6.3-1.x86_64.rpm
	systemctl enable grafana-server
	sed -i -e 's/SELINUX=enforcing/SELINUX=disabled/g' /etc/selinux/config
	sudo yum install ntp ntpdate -y
	chkconfig ntpd on
	ntpdate pool.ntp.org
	systemctl start ntpd
	sudo yum install perl -y
	perl -npe 's/umask\s+0\d2/umask 077/g' -i /etc/bashrc
	perl -npe 's/umask\s+0\d2/umask 077/g' -i /etc/csh.cshrc
	echo "Idle users will be removed after 15 minutes"
	echo "readonly TMOUT=900" >> /etc/profile.d/os-security.sh