Forked from apolloclark/reverse-engineer a server build
Created
December 11, 2016 13:22
-
-
Save andyspicer/eec53321340888ee9093070ee0dfe01c to your computer and use it in GitHub Desktop.
Audit Debian and Ubuntu servers
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
# Script to reverse engineer the build of a given Debian / Ubuntu server | |
# I do this all the time: take an existing server, create a Bash / Ansible / Puppet / Chef | |
# built script, to allow Continuous Depoyment. | |
# It's tedious, but this script will give you the basics to get started. | |
# Make sure you have "sudo" access to get all the details. | |
# setup folders | |
cd /tmp | |
mkdir -p /tmp/server-build | |
# history | |
echo history > 01.history.txt | |
# system | |
uname -a > 02.os.txt | |
echo "" >> 02.os.txt | |
lsb_release -da >> 02.os.txt | |
echo "" >> 02.os.txt | |
hostnamectl >> 02.os.txt | |
# system users | |
sudo cat /etc/passwd > 03.users.txt | |
# ssh keys | |
# sudo cp /home/*/.ssh/* ./ | |
# file system | |
sudo lsblk > 04.filesystem.txt | |
echo "" >> 04.filesystem.txt | |
sudo df -h >> 04.filesystem.txt | |
# network | |
sudo netstat -tunlp > 05.network.txt | |
# firewall rules | |
sudo iptables -L > 06.firewall.txt | |
# processes | |
sudo ps aux > 07.processes.txt | |
# services | |
sudo service --status-all | grep "+" > 08.services.txt | |
# apt packages | |
dpkg --get-selections | grep -v deinstall > 09.packages.txt | |
# apt repos | |
sudo cat /etc/apt/sources.list > 10.apt-sources.txt | |
# zip it up, delete files |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment