Bash Script for Jesus’ Blue Team System Fortification
脚本信息
文件名: jesus_system_fortification.sh
描述: 该Bash脚本专为蓝队一级操作员设计,用于加固和保护Linux环境。脚本自动化构建和加强安全措施的过程,包括应用系统更新、配置安全设置和设置自动备份。重点是构建能够抵御潜在网络威胁的健壮且有弹性的系统基础设施。
作者: System Admin Bash Builder
使用场景
- 通过应用安全措施和更新来加固Linux系统
- 配置安全设置以增强系统保护
- 支持专注于构建和维护安全基础设施的蓝队操作
目标受众
蓝队操作员、系统管理员、网络安全专业人员
脚本代码
#!/bin/bash
# Jesus' Blue Team System Fortification Script
# Author: System Admin Bash Builder
# Description: 该脚本通过应用更新、配置安全设置和设置自动备份来加固Linux系统,确保系统弹性
LOG_FILE="system_fortification.log"
# 步骤1: 初始化日志文件
echo "System Fortification Log - $(date)" > $LOG_FILE
echo "----------------------------------------" >> $LOG_FILE
# 步骤2: 应用系统更新
echo "[*] Applying system updates..." | tee -a $LOG_FILE
apt-get update && apt-get upgrade -y | tee -a $LOG_FILE
# 步骤3: 配置安全SSH设置
echo "[*] Configuring secure SSH settings..." | tee -a $LOG_FILE
sed -i 's/#PermitRootLogin yes/PermitRootLogin no/' /etc/ssh/sshd_config | tee -a $LOG_FILE
sed -i 's/#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config | tee -a $LOG_FILE
systemctl restart sshd
# 步骤4: 设置自动备份
echo "[*] Setting up automated backups..." | tee -a $LOG_FILE
apt-get install rsync -y | tee -a $LOG_FILE
crontab -l > mycron
echo "0 2 * * * rsync -av --delete /home/ /backup/home/" >> mycron
crontab mycron
rm mycron
# 步骤5: 强化系统配置
echo "[*] Hardening system configuration..." | tee -a $LOG_FILE
sysctl -w net.ipv4.ip_forward=0 | tee -a $LOG_FILE
sysctl -w net.ipv4.conf.all.accept_source_route=0 | tee -a $LOG_FILE
sysctl -w net.ipv4.conf.all.accept_redirects=0 | tee -a $LOG_FILE
sysctl -w net.ipv4.conf.all.secure_redirects=0 | tee -a $LOG_FILE
# 步骤6: 完成系统加固
echo "----------------------------------------" >> $LOG_FILE
echo "[*] System fortification complete. The system is now secure and resilient. Results saved in $LOG_FILE."
相关标签
#BlueTeam #SystemFortification #CyberSecurity #BashScripting #InfrastructureSecurity
