
Security: Collection of Interesting Scripts

Thread in 'Technical Matters' started by radicaladmin.net, 12 Jun 2022.

  1. radicaladmin.net

    radicaladmin.net Active user

    Hello there!

    Let's liven up the forum a bit, as I see it's very quiet. I'm opening this thread so we can put together a collection of interesting scripts for our machines.

    I'll keep adding more; for now...

    Script to shut down the network, start the network

    In some cases we may be under a DDoS attack and have to shut down the network interface to mitigate it. Sometimes there's no other option...

    Determine the load on our machine:

    Inserted CODE, HTML or PHP:
    grep processor /proc/cpuinfo | wc -l
    Inserted CODE, HTML or PHP:
    uptime
    Check the IPs connected to our server:

    Inserted CODE, HTML or PHP:
    netstat -ntu|awk '{print $5}'|cut -d: -f1 -s|sort|uniq -c|sort -nk1 -r
    Check the multiple IPs connected:

    Inserted CODE, HTML or PHP:
    netstat -ntu|awk '{print $5}'|cut -d: -f1 -s |cut -f1,2 -d'.'|sed 's/$/.0.0/'|sort|uniq -c|sort -nk1 -r
    We create the script, named: shutdown-and-restart.sh

    Inserted CODE, HTML or PHP:
    touch shutdown-and-restart.sh
    Inserted CODE, HTML or PHP:
    nano shutdown-and-restart.sh
    Inserted CODE, HTML or PHP:
    #!/bin/bash
    # Script to shut down and restart the network on GNU/Linux
    # radicaladmin.net
    
    echo "Desactivar interfaz eth0"
    sudo systemctl stop networking.service
    
    echo "Apagar la máquina"
    shutdown -h now
    
    echo "Esperando 2 segundos"
    sleep 2
    echo "Tarea terminada"
    
    # Restart the machine
    # reboot
    # shutdown -r now
    echo "Adiós"
    echo "Esperando 3 segundos"
    sleep 3
    echo "Tarea terminada"
    
    Port scanning script in Python

    This script scans the open and closed ports on our machine.

    Inserted CODE, HTML or PHP:
    touch escaneo-de-puertos.py
    Inserted CODE, HTML or PHP:
    nano escaneo-de-puertos.py
    Inserted CODE, HTML or PHP:
    #!/usr/bin/env python3
    # -*- coding: UTF-8 -*-
    # Import the modules
    import socket
    
    # Set of ports to scan
    ports = [20, 21, 22, 25, 587, 53, 80, 443, 110, 143, 993, 995, 2222, 2703, 3306]
    # List to store open ports
    puertosabierto = []
    # List to store closed ports
    puertoscerrado = []
    
    # IP address
    ip = input("Dirección IP a escanear? ")
    
    for port in ports:
        # Create the socket
        sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        sock.settimeout(1)  # do not hang on filtered ports
        result = sock.connect_ex((ip, port))
        # Successful connection
        if result == 0:
            puertosabierto.append(port)
        else:
            puertoscerrado.append(port)
        # Close the connection
        sock.close()
    
    print("Open ports:", puertosabierto)
    print("Closed ports:", puertoscerrado)
    
    Regards.
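
Added example, not part of the original post: the two `netstat` pipelines above cut the peer address at the first colon, so IPv6 peers are truncated; this version strips only the port and adds a connection threshold. The function names and the `SAMPLE` netstat output are constructed for illustration.

```shell
# Added example, not the poster's code; function names are assumptions and
# SAMPLE is constructed `netstat -ntu` output.

# count_peers [COL]: stdin -> "<count> <address>", busiest first. COL is the
# peer column: 5 for `netstat -ntu` (default), 6 for `ss -ntu`.
count_peers() {
    awk -v col="${1:-5}" '
        $col ~ /:[0-9]+$/ {            # data rows only; headers and *:* skipped
            peer = $col
            sub(/:[0-9]+$/, "", peer)  # strip the port, not the whole address
            sub(/^\[/, "", peer); sub(/\]$/, "", peer)  # [v6] form used by ss
            sub(/^::ffff:/, "", peer)  # IPv4-mapped IPv6 counts as IPv4
            n[peer]++
        }
        END { for (p in n) print n[p], p }
    ' | LC_ALL=C sort -k1,1nr -k2,2
}

# heavy_peers MIN: addresses holding at least MIN connections.
heavy_peers() {
    count_peers | awk -v min="$1" '$1 >= min { print $2 }'
}

# count_nets: the same totals grouped by IPv4 /16, like the second pipeline.
count_nets() {
    count_peers | awk '
        $2 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ {
            split($2, o, ".")
            n[o[1] "." o[2] ".0.0/16"] += $1
        }
        END { for (k in n) print n[k], k }
    ' | LC_ALL=C sort -k1,1nr -k2,2
}

# Constructed sample input
SAMPLE='Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.0.2.10:443          203.0.113.7:51234       ESTABLISHED
tcp        0      0 192.0.2.10:443          203.0.113.7:51240       ESTABLISHED
tcp        0      0 192.0.2.10:443          203.0.113.99:40000      TIME_WAIT
tcp6       0      0 2001:db8::10:443        2001:db8::5:50122       ESTABLISHED
tcp6       0      0 ::ffff:192.0.2.10:443   ::ffff:203.0.113.7:51300 ESTABLISHED
udp        0      0 192.0.2.10:53           0.0.0.0:*
tcp        0      0 192.0.2.10:22           198.51.100.4:60022      ESTABLISHED'
printf '%s\n' "$SAMPLE" | count_peers
```

On a live host the input comes from `netstat -ntu | count_peers` or `ss -ntu | count_peers 6`.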
     
  2. radicaladmin.net

    radicaladmin.net Active user

    Continuing... The forum won't let me post more than 1,000 lines, so I'm splitting it into several posts...

    Script to configure CSF Firewall

    Inserted CODE, HTML or PHP:
    touch csf-config.sh
    Inserted CODE, HTML or PHP:
    nano csf-config.sh
    Inserted CODE, HTML or PHP:
    /bin/sed -i "s/RESTRICT_SYSLOG\s*=.*$/RESTRICT_SYSLOG = \"3\"/g" /etc/csf/csf.conf
    /bin/sed -i "s/SYSLOG_CHECK\s*=.*$/SYSLOG_CHECK = \"3600\"/g" /etc/csf/csf.conf
    
    # By default, CSF will block allowed IP if they break rules.
    /bin/sed -i "s/IGNORE_ALLOW\s*=.*/IGNORE_ALLOW = \"1\"/g" /etc/csf/csf.conf
    
    
    #/bin/sed -i "s/LF_GLOBAL\s*=.*$/LF_GLOBAL = \"1800\"/g" /etc/csf/csf.conf
    #/bin/sed -i "s/GLOBAL_ALLOW\s*=.*$/GLOBAL_ALLOW = \"http:\/\/git\.buyscripts\.in\:10080\/boby\/firewall\/raw\/master\/allow\.txt\"/g" /etc/csf/csf.conf
    #/bin/sed -i "s/GLOBAL_DENY\s*=.*$/GLOBAL_DENY = \"http\:\/\/git\.buyscripts\.in\:10080\/boby\/firewall\/raw\/master\/deny.txt\"/g" /etc/csf/csf.conf
    
    # This option will notify you when a large amount of email is sent from a particular script on the server
    /bin/sed -i "s/LF_SCRIPT_ALERT\s*=.*$/LF_SCRIPT_ALERT = \"1\"/g" /etc/csf/csf.conf
    
    # This option ensures that almost all Linux accounts are checked with Process Tracking, not just the cPanel ones
    /bin/sed -i "s/PT_ALL_USERS\s*=.*$/PT_ALL_USERS = \"1\"/g" /etc/csf/csf.conf
    
    
    /bin/sed -i "s/TESTING = \"1\"/TESTING = \"0\"/g" /etc/csf/csf.conf
    
    # Disable IP blocking alert. You may get many; if you don't need to act on this, disable it
    
    /bin/sed -i "s/PT_USERMEM\s*=.*/PT_USERMEM = \"1024\"/g" /etc/csf/csf.conf
    /bin/sed -i "s/LF_NETBLOCK_ALERT\s*=.*/LF_NETBLOCK_ALERT = \"0\"/g" /etc/csf/csf.conf
    /bin/sed -i "s/LF_PERMBLOCK_ALERT\s*=.*/LF_PERMBLOCK_ALERT = \"0\"/g" /etc/csf/csf.conf
    /bin/sed -i "s/PS_EMAIL_ALERT\s*=.*/PS_EMAIL_ALERT = \"0\"/g" /etc/csf/csf.conf
    
    
    
    # Customers keep getting IP blocked mails, so I set LF_TEMP_EMAIL_ALERT = 0
    
    #LF_EMAIL_ALERT
    #LF_TEMP_EMAIL_ALERT
    
    # Disable all alerts
    # /bin/sed -i "s/LF_EMAIL_ALERT\s*=.*/LF_EMAIL_ALERT = \"0\"/g" /etc/csf/csf.conf
    
    # ONLY CPANEL
    
    if [ -d "/var/cpanel/" ]; then
    /bin/sed -i "s/SMTP_BLOCK\s*=.*/SMTP_BLOCK = \"1\"/g" /etc/csf/csf.conf
    fi
    
    # /bin/sed -i "s/LF_ALERT_TO\s*=.*$/LF_ALERT_TO = \"admin@serverok.in\"/g" /etc/csf/csf.conf
    
    systemctl restart csf.service
    csf -r
    
    /bin/systemctl stop rpcbind
    /bin/systemctl disable rpcbind
    
    SSH Keygen

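    Inserted CODE, HTML or PHP:
    touch ssh-keygen.sh
    Inserted CODE, HTML or PHP:
    nano ssh-keygen.sh
    Inserted CODE, HTML or PHP:
    #!/bin/bash
    # Generate an SSH key pair for root if none exists; otherwise print the public key
    KEY=/root/.ssh/id_rsa
    if [ ! -f "$KEY.pub" ] ; then
        echo "Generating ssh key:"
        # -f avoids the interactive file prompt; -N '' creates the key without a passphrase
        /usr/bin/ssh-keygen -t rsa -b 4096 -C "info@domain.tld" -N '' -f "$KEY"
    else
        cat "$KEY.pub"
    fi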
    
    Block IPs

    Inserted CODE, HTML or PHP:
    touch bloquear-ips.sh
    Inserted CODE, HTML or PHP:
    nano bloquear-ips.sh


    Inserted CODE, HTML or PHP:
    #!/bin/bash
    # Script to block the IPs
    for ip in $(cat /auditoria/ips)
    do
        # Quoted so each entry reaches iptables as a single argument
        /sbin/iptables -I INPUT -s "$ip" -j DROP
    done
    
    Letsencrypt Renew

    Inserted CODE, HTML or PHP:
    touch letsencrypt-renew.sh
    Inserted CODE, HTML or PHP:
    nano letsencrypt-renew.sh


    Inserted CODE, HTML or PHP:
    #!/bin/bash
    /usr/bin/certbot renew
    
    Check for spammers


    Inserted CODE, HTML or PHP:
    touch comprobar-spammer.sh
    Inserted CODE, HTML or PHP:
    nano comprobar-spammer.sh
    Inserted CODE, HTML or PHP:
    #!/bin/bash
    for ip in $(cat /auditoria2/ips)
    do
            url="http://www.stopforumspam.com/api?ip=$ip"
            respuesta=$(curl -s "$url" | sed -ne '/<\/appears>/ { s/<[^>]*>\(.*\)<\/appears>/\1/; p }')
            #aparece=`awk -vRS="</appears>" '{gsub(/.*<appears.*>/,"");print}' '$respuesta'`
            # Quoted so an empty reply does not break the test
            if [ "$respuesta" = "yes" ];
            then
                    echo "$ip"
    #       else
    #               echo $ip "  No aparece"
            fi
    done
    
    
    Script to monitor MySQL

    Inserted CODE, HTML or PHP:
    touch mysql_monitor.sh
    Inserted CODE, HTML or PHP:
    nano mysql_monitor.sh
    Inserted CODE, HTML or PHP:
    #!/bin/bash
    ################################################################################
    # Script to monitor MySQL
    ################################################################################
    # mkdir /usr/usuario
    # vi /usr/usuario/mysql_monitor.sh
    # chmod 755 /usr/usuario/mysql_monitor.sh
    # crontab -e
    # */5 * * * * /usr/usuario/mysql_monitor.sh >> /var/log/sok-mysql.log
    ################################################################################
    
    MYSQL_USER="root"
    MYSQL_PASSWORD="YOUR_ROOT_PW_HERE"
    
    ################################################################################
    # DO NOT EDIT BELOW
    ################################################################################
    
    # Note: passing -p on the command line exposes the password in the process list
    MYSQL_REPLY="$(mysqladmin -u "${MYSQL_USER}" -p"${MYSQL_PASSWORD}" ping)"
    TIME_STAMP="$(date "+%Y-%m-%d %H:%M:%S")"
    
    # mysqladmin ping prints "mysqld is alive" when the server responds
    if [[ ! "$MYSQL_REPLY" =~ "mysqld is alive" ]]
    then
        systemctl restart mariadb
        echo -e "${TIME_STAMP} MySQL Caído\n"
    fi
    


    For cPanel & WHM

    Configuration script for cPanel & WHM

    Inserted CODE, HTML or PHP:
    touch config.sh
    Inserted CODE, HTML or PHP:
    nano config.sh
    Inserted CODE, HTML or PHP:
    
    # Configuration script for cPanel & WHM
    
    # WHM Tweaks for better CSF score
    
    # Disable SMTP Restrictions. WHM > Security Center > SMTP Restrictions
    /bin/sed -i "s/^smtpmailgidonly=1$/smtpmailgidonly=0/g" /var/cpanel/cpanel.config
    
    # Check cPanel login is SSL only. WHM > Tweak Settings > Always redirect to SSL
    # /bin/sed -i "s/^alwaysredirecttossl=0$/alwaysredirecttossl=1/g" /var/cpanel/cpanel.config
    
    # Check BoxTrapper is disabled in WHM > Tweak Settings > BoxTrapper spam trap
    /bin/sed -i "s/^skipboxtrapper=0$/skipboxtrapper=1/g" /var/cpanel/cpanel.config
    
    # Max hourly emails per domain. WHM > Tweak Settings > Max hourly emails per domain
    /bin/sed -i "s/^maxemailsperhour.*$/maxemailsperhour=500/g" /var/cpanel/cpanel.config
    
    # Turn off Reset Password for cPanel accounts. WHM > Tweak Settings > Reset Password for cPanel accounts
    /bin/sed -i "s/^resetpass=1$/resetpass=0/g" /var/cpanel/cpanel.config
    
    # Turn off Reset Password for Subaccounts. WHM > Tweak Settings > Reset Password for Subaccounts
    /bin/sed -i "s/^resetpass_sub=1$/resetpass_sub=0/g" /var/cpanel/cpanel.config
    
    # Check proxy subdomains. WHM > Tweak Settings > Proxy subdomains
    /bin/sed -i "s/^proxysubdomains=1$/proxysubdomains=0/g" /var/cpanel/cpanel.config
    
    # Check accounts that can access a cPanel user. You should consider setting this option to "user" after use. WHM > Tweak Settings > Accounts that can access a cPanel user account
    /bin/sed -i "s/^account_login_access=owner_root$/account_login_access=user/g" /var/cpanel/cpanel.config
    
    # Enable Referrer Blank Security. WHM > Tweak Settings > Blank referrer safety check
    /bin/sed -i "s/^referrerblanksafety=0$/referrerblanksafety=1/g" /var/cpanel/cpanel.config
    
    # Enable Referrer Security. WHM > Tweak Settings > Referrer safety check
    /bin/sed -i "s/^referrersafety=0$/referrersafety=1/g" /var/cpanel/cpanel.config
    
    # Check Password ENV variable. WHM > Tweak Settings > Hide login password from cgi scripts
    /bin/sed -i "s/^cgihidepass=0$/cgihidepass=1/g" /var/cpanel/cpanel.config
    
    # Allow subdomain outside public_html
    /bin/sed -i "s/^publichtmlsubsonly=0$/publichtmlsubsonly=1/g" /var/cpanel/cpanel.config
    
    # Initial default/catch-all forwarder destination
    /bin/sed -i "s/^defaultmailaction=.*$/defaultmailaction=blackhole/g" /var/cpanel/cpanel.config
    
    # set timezone to UTC
    
    rm -f /etc/localtime
    ln -s /usr/share/zoneinfo/UTC /etc/localtime
    
    # enable only awstats
    
    echo "DEFAULTGENS=AWSTATS" > /etc/stats.conf
    echo "allow_awstats_include=0" >> /etc/stats.conf
    
    /bin/sed -i "s/^skipanalog=0/skipanalog=1/g" /var/cpanel/cpanel.config
    /bin/sed -i "s/^skipwebalizer=0/skipwebalizer=1/g" /var/cpanel/cpanel.config
    
    /scripts/initquotas
    
    # Keep cpanel logs
    
    mkdir -p /root/cpanel3-skel/
    echo "archive-logs=1" > /root/cpanel3-skel/.cpanel-logs
    echo "remove-old-archived-logs=1" >> /root/cpanel3-skel/.cpanel-logs
    
    # disable mail from mailer-daemon
    
    /bin/sed -i "s/mailer-daemon:\tpostmaster/mailer-daemon: \/dev\/null/g" /etc/aliases
    
    # install clamav
    
    /scripts/update_local_rpm_versions --edit target_settings.clamav installed
    /scripts/check_cpanel_rpms --fix --targets=clamav
    
    service cpanel restart
    
    # Enable shell bomb protection
    
    /usr/local/cpanel/bin/install-login-profile --install limits
    
    ln -s /scripts/whoowns /usr/local/bin/whoowns
    
    /bin/systemctl stop rpcbind
    /bin/systemctl disable rpcbind
    


    DKIM/SPF ALL

    Inserted CODE, HTML or PHP:
    touch dkim-spf-all.sh
    Inserted CODE, HTML or PHP:
    nano dkim-spf-all.sh
    Inserted CODE, HTML or PHP:
    #!/bin/bash
    # bash dkim-spf-all.sh
    for username in $(ls -A /var/cpanel/users); do
        echo "Installing DKIM and SPF for $username"
        /usr/local/cpanel/bin/dkim_keys_install "$username"
        /usr/local/cpanel/bin/spf_installer "$username"
    done
    
    
    Install DNS Only

    Inserted CODE, HTML or PHP:
    touch dns-only.sh
    Inserted CODE, HTML or PHP:
    nano dns-only.sh
    Inserted CODE, HTML or PHP:
    #!/bin/bash
    yum -y update
    yum -y upgrade
    yum -y remove mlocate
    # Note: the installer is downloaded over plain HTTP and run as root without an integrity check
    wget http://layer1.cpanel.net/cpanel-dnsonly-install.sea
    sh cpanel-dnsonly-install.sea
    

    Install PHP Modules in cPanel & WHM


    Inserted CODE, HTML or PHP:
    touch php-modules.sh
    Inserted CODE, HTML or PHP:
    nano php-modules.sh
    Inserted CODE, HTML or PHP:
    #!/bin/bash
    # Install PHP modules in cPanel Server
    PHP_VERSIONS=(
        "56"
        "70"
        "71"
        "72"
        "73"
    )
    PHP_MODULES=(
        'curl'
        'exif'
        'ioncube10'
        'iconv'
        "intl"
        'fileinfo'
        'fpm'
        'mbstring'
        'soap'
        'zip'
        "gd"
    )
    for ((i=0; i < ${#PHP_MODULES[*]}; i++)); do
        for ((j=0; j < ${#PHP_VERSIONS[*]}; j++)); do
            echo "Installing ea-php${PHP_VERSIONS[$j]}-php-${PHP_MODULES[$i]}"
            yum -y install ea-php${PHP_VERSIONS[$j]}-php-${PHP_MODULES[$i]}
        done
    done
    
    Regards.
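
Added example, not part of the original post: `bloquear-ips.sh` hands every word in `/auditoria/ips` to `iptables` as root, so this version validates each entry as IPv4 or IPv4/CIDR, removes duplicates and skips rules that already exist. The function names, the `DRY_RUN` switch and the `SAMPLE` list are assumptions made for the example.

```shell
# Added example, not the poster's script; names and DRY_RUN are assumptions.
# valid_ipv4 ADDR[/MASK]: succeed only for a strict dotted quad, mask 0-32.
valid_ipv4() (
    addr=${1%/*}
    if [ "$addr" != "$1" ]; then
        mask=${1##*/}
        case $mask in ''|*[!0-9]*|0?*|???*) return 1 ;; esac
        [ "$mask" -le 32 ] || return 1
    fi
    case $addr in *[!0-9.]*|.*|*.|*..*) return 1 ;; esac
    IFS=.; set -- $addr
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        # leading zeros are ambiguous (octal in some parsers); max is 255
        case $octet in 0?*|????*) return 1 ;; esac
        [ "$octet" -le 255 ] || return 1
    done
)

# blocklist_entries: stdin -> unique valid entries; others go to stderr.
blocklist_entries() {
    while IFS= read -r line || [ -n "$line" ]; do
        line=$(printf '%s\n' "${line%%#*}" | sed 's/^[[:space:]]*//; s/[[:space:]]*$//')
        [ -n "$line" ] || continue
        if valid_ipv4 "$line"; then printf '%s\n' "$line"
        else printf 'rejected: %s\n' "$line" >&2; fi
    done | LC_ALL=C sort -u
}

# apply_blocklist: stdin -> one DROP rule per entry; DRY_RUN=1 only prints.
apply_blocklist() {
    blocklist_entries | while IFS= read -r ip; do
        if [ -n "$DRY_RUN" ]; then
            echo "iptables -I INPUT -s $ip -j DROP"
        elif ! /sbin/iptables -C INPUT -s "$ip" -j DROP 2>/dev/null; then
            /sbin/iptables -I INPUT -s "$ip" -j DROP
        fi
    done
}

# Constructed sample blocklist: a duplicate, a commented range, invalid lines.
SAMPLE='203.0.113.7
203.0.113.7
 198.51.100.0/24  # whole range
999.1.1.1
example.com
192.0.2.5 extra'
printf '%s\n' "$SAMPLE" | DRY_RUN=1 apply_blocklist
```

To apply the rules for real, run `apply_blocklist < /auditoria/ips` as root with `DRY_RUN` unset.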
     

