sbellver/Script inicial nuevo server

## Script inicial nuevo server
#!/bin/bash

locale-gen es_ES.UTF-8
dpkg-reconfigure locales
apt-get update
apt-get upgrade -y
apt get install gnupg htop vim unzip unattended-upgrades -y
-y
timedatectl set-timezone Europe/Madrid

#Actualizaciones desatendidas
echo [Timer] >> /etc/systemd/system/apt-daily.timer
echo OnCalendar= >> /etc/systemd/system/apt-daily.timer
echo OnCalendar=03:00 >> /etc/systemd/system/apt-daily.timer
echo RandomizedDelaySec=1h >> /etc/systemd/system/apt-daily.timer

#Securizando el SSH
sed -i 's/#Port 22/Port 7850/g' /etc/ssh/sshd_config
sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
sed -i 's/PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
/etc/init.d/ssh restart

#CSF
apt-get install install libwww-perl -y
cd /tmp
wget http://download.configserver.com/csf.tgz
tar xzf csf.tgz
cd csf
sh install.sh

sed -i 's/TESTING = "1"/TESTING = "0"/g' /etc/csf/csf.conf
sed -i 's/"20,21,22,25,53,80,110,143,443,465,587,993,995,7850"/"20,21,25,53,80,110,143,443,465,587,993,995,3306,33060,6446,6447,64460,64470,5666,7850,8006"/g' /etc/csf/csf.conf
sed -i 's/"20,21,22,25,53,80,110,113,443,587,993,995"/"20,21,22,25,53,80,110,113,443,587,993,995,33060,6446,6447,64460,64470"/g' /etc/csf/csf.conf
sed -i 's/"20,21,53,113,123"/"20,21,53,113,123"/g' /etc/csf/csf.conf
sed -i 's/LF_ALERT_TO = ""/LF_ALERT_TO = "csf@tecneca.com"/g' /etc/csf/csf.conf
sed -i 's/RESTRICT_SYSLOG = "0"/RESTRICT_SYSLOG = "3"/g' /etc/csf/csf.conf
sed -i 's/PT_USERPROC = "10"/PT_USERPROC = "0"/g' /etc/csf/csf.conf
sed -i 's/PT_USERMEM = "512"/PT_USERMEM = "0"/g' /etc/csf/csf.conf
sed -i 's/PT_USERRSS = "256"/PT_USERRSS = "0"/g' /etc/csf/csf.conf
sed -i 's/PT_USERTIME = "1800"/PT_USERTIME = "0"/g' /etc/csf/csf.conf
csf -x
csf -e

#MONITORIZACION
apt-get install logwatch
sed -i 's/--output mail/--output mail --mailto sysadmin@tecneca.com --detail high/g' /etc/cron.daily/00logwatch
	#!/bin/bash

	locale-gen es_ES.UTF-8
	dpkg-reconfigure locales
	apt-get update
	apt-get upgrade -y
	apt get install gnupg htop vim unzip unattended-upgrades -y
	-y
	timedatectl set-timezone Europe/Madrid

	#Actualizaciones desatendidas
	echo [Timer] >> /etc/systemd/system/apt-daily.timer
	echo OnCalendar= >> /etc/systemd/system/apt-daily.timer
	echo OnCalendar=03:00 >> /etc/systemd/system/apt-daily.timer
	echo RandomizedDelaySec=1h >> /etc/systemd/system/apt-daily.timer

	#Securizando el SSH
	sed -i 's/#Port 22/Port 7850/g' /etc/ssh/sshd_config
	sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
	sed -i 's/PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
	/etc/init.d/ssh restart

	#CSF
	apt-get install install libwww-perl -y
	cd /tmp
	wget http://download.configserver.com/csf.tgz
	tar xzf csf.tgz
	cd csf
	sh install.sh

	sed -i 's/TESTING = "1"/TESTING = "0"/g' /etc/csf/csf.conf
	sed -i 's/"20,21,22,25,53,80,110,143,443,465,587,993,995,7850"/"20,21,25,53,80,110,143,443,465,587,993,995,3306,33060,6446,6447,64460,64470,5666,7850,8006"/g' /etc/csf/csf.conf
	sed -i 's/"20,21,22,25,53,80,110,113,443,587,993,995"/"20,21,22,25,53,80,110,113,443,587,993,995,33060,6446,6447,64460,64470"/g' /etc/csf/csf.conf
	sed -i 's/"20,21,53,113,123"/"20,21,53,113,123"/g' /etc/csf/csf.conf
	sed -i 's/LF_ALERT_TO = ""/LF_ALERT_TO = "csf@tecneca.com"/g' /etc/csf/csf.conf
	sed -i 's/RESTRICT_SYSLOG = "0"/RESTRICT_SYSLOG = "3"/g' /etc/csf/csf.conf
	sed -i 's/PT_USERPROC = "10"/PT_USERPROC = "0"/g' /etc/csf/csf.conf
	sed -i 's/PT_USERMEM = "512"/PT_USERMEM = "0"/g' /etc/csf/csf.conf
	sed -i 's/PT_USERRSS = "256"/PT_USERRSS = "0"/g' /etc/csf/csf.conf
	sed -i 's/PT_USERTIME = "1800"/PT_USERTIME = "0"/g' /etc/csf/csf.conf
	csf -x
	csf -e

	#MONITORIZACION
	apt-get install logwatch
	sed -i 's/--output mail/--output mail --mailto sysadmin@tecneca.com --detail high/g' /etc/cron.daily/00logwatch