wrend = default_values.WREND erstart = default_values.ERSTART erend = default_values.EREND indstart = default_values.INDSTART indend = default_values.INDEND boldstart = default_values.BOLDSTART boldend = default_values.BOLDEND br = default_values.BR # ok = " .......................................[OK]" # warning = " .......................................[WARNING]" # local_ip_resource = conf.get("network.local_ip_resource") # public_ip_resource = conf.get("network.public_ip_resource") # private_ip_resource = conf.get("network.private_ip_resource") valid_tcp_port_list_lo = conf.get("network.valid_tcp_port_list_lo") valid_tcp_port_list_eth0 = conf.get("network.valid_tcp_port_list_eth0") valid_tcp_port_list_pub = conf.get("network.valid_tcp_port_list_pub") # end of the network configuration standard nmap_port_scanner = nmap.PortScanner() def get_ip(resource): response = urllib2.urlopen(resource) ip_address = response.read() print "The IP address scanning: " + ip_address return ip_address
import default_values import urllib2 import nmap from conf_loader.server_auditor_conf import conf # standard for the network configuration ok = " .......................................[OK]" warning = " .......................................[WARNING]" # local_ip_resource = conf.get("network.local_ip_resource") # public_ip_resource = conf.get("network.public_ip_resource") # private_ip_resource = conf.get("network.private_ip_resource") valid_tcp_port_list_lo = conf.get("network.valid_tcp_port_list_lo") valid_tcp_port_list_eth0 = conf.get("network.valid_tcp_port_list_eth0") valid_tcp_port_list_pub = conf.get("network.valid_tcp_port_list_pub") # end of the network configuration standard nmap_port_scanner = nmap.PortScanner() def get_ip(resource): response = urllib2.urlopen(resource) ip_address = response.read() print "The IP address scanning: "+ ip_address return ip_address def scan_ip(ip_address):
def check_fail2ban(): banner = " ***************checking Fail2ban *************** " print "Checking Fail2ban Settings....." conf=file_presence() # getting values from file ssh_ignoreip = conf.get("ssh.ignoreip") ssh_enabled = conf.get("ssh.enabled") ssh_port = conf.get("ssh.port") ssh_filter = conf.get("ssh.filter") ssh_logpath = conf.get("ssh.logpath") ssh_maxretry = conf.get("ssh.maxretry") ssh_bantime = conf.get("ssh.bantime") ssh_findtime = conf.get("ssh.findtime") ##converting string of ignoreip from conf file into list ssh_ignoreip_list = ssh_ignoreip.split(",") print " printing the list ", ssh_ignoreip_list print " printing our standard ignore ip list ", s_ssh_ignoreip_list ##comparing standard ignore ip list with the list from conf file different_ssh_ignoreip = set(s_ssh_ignoreip_list).difference(ssh_ignoreip_list) if different_ssh_ignoreip == set(): print "SSH ignore ip list is ", ssh_ignoreip_list , ok else: print " SSH ignore ip list mismatched. You missed following IP from standard", different_ssh_ignoreip , warning non_standard_ssh_ignoreip = set(ssh_ignoreip_list).difference(s_ssh_ignoreip_list) print " SSH ignore ip list mismatched. You having following IP against the standard", non_standard_ssh_ignoreip , warning if s_ssh_enabled == str(ssh_enabled): print " SSH enable status is ", ssh_enabled , ok else: print " SSH enable status is ", ssh_enabled , warning if s_ssh_port == ssh_port: print " SSH port is ", ssh_port , ok else: print " SSH port is ", ssh_port , warning if s_ssh_filter == ssh_filter: print " SSH filter is ", ssh_filter , ok else: print " SSH filter is ", ssh_filter , warning if s_ssh_logpath == ssh_logpath: print " SSH logpath is ", ssh_logpath , ok else: print " SSH logpath is ", ssh_logpath , warning if s_ssh_maxretry == ssh_maxretry: print " SSH maxretry value is ", ssh_maxretry , ok else: print " SSH maxretry value is ", ssh_maxretry , warning if s_ssh_bantime == ssh_bantime: print " SSH bantime is ", ssh_bantime , ok else: print " SSH bantime is ", ssh_bantime , warning if s_ssh_findtime == ssh_findtime: print " SSH findtime is ", ssh_findtime , ok else: print " SSH findtime is ", ssh_findtime , warning
__author__ = 'sabin' import default_values import os from conf_loader.server_auditor_conf import conf from conf_loader import jail_conf ok = " .......................................[OK]" warning = " .......................................[WARNING]" #conf = serverAuditor_confLoader.load_config('serverAuditor.conf') #standards of fail2.ban s_ssh_ignoreip = conf.get("fail2ban.ssh_ignoreip_list") s_ssh_ignoreip_list = s_ssh_ignoreip.split(',') s_ssh_enabled = conf.get("fail2ban.ssh_enabled") s_ssh_port = conf.get("fail2ban.ssh_port") s_ssh_filter = conf.get("fail2ban.ssh_filter") s_ssh_logpath = conf.get("fail2ban.ssh_logpath") s_ssh_maxretry = conf.get("fail2ban.ssh_maxretry") s_ssh_bantime = conf.get("fail2ban.ssh_bantime") s_ssh_findtime = conf.get("fail2ban.ssh_findtime") # end of fail2ban standards ## end of standard ## checking presence of jail.conf or local.conf def file_presence(): try: if os.path.exists(default_values.JAIL_LOCAL_LOCATION):
okstart = default_values.OKSTART okend = default_values.OKEND wrstart = default_values.WRSTART wrend = default_values.WREND erstart = default_values.ERSTART erend = default_values.EREND rastart = default_values.RASTART raend = default_values.RAEND br = default_values.BR #conf = serverAuditor_confLoader.load_config('serverAuditor.conf') ## ossec standards # ossec_init_conf = conf.get("ossec-ids.ossec_init_conf") # ossec_version = conf.get("ossec-ids.ossec_version") ossec_type_agent = conf.get("ossec-ids.ossec_type_agent") ossec_type_server = conf.get("ossec-ids.ossec_type_server") ossec_error = conf.get("ossec-ids.ossec_error") ossec_mail_alert_id = conf.get("ossec-ids.ossec_mail_alert_id") ossec_central_server_ip = conf.get("ossec-ids.ossec_central_server_ip") ## end of ossec standards # ok = " .......................................[OK]" # warning = " .......................................[WARNING]" # error = " .......................................[NOT INSTALLED]" #ossec_init_conf = "test_ossec-init.txt" # loading the ids_confLoader and getting the ids_type and ids_version from the /etc/ossec-init.conf def check_ids_type():
def check_fail2ban(): banner = " ***************checking Fail2ban *************** " print "Checking Fail2ban Settings....." conf = file_presence() # getting values from file ssh_ignoreip = conf.get("ssh.ignoreip") ssh_enabled = conf.get("ssh.enabled") ssh_port = conf.get("ssh.port") ssh_filter = conf.get("ssh.filter") ssh_logpath = conf.get("ssh.logpath") ssh_maxretry = conf.get("ssh.maxretry") ssh_bantime = conf.get("ssh.bantime") ssh_findtime = conf.get("ssh.findtime") ##converting string of ignoreip from conf file into list ssh_ignoreip_list = ssh_ignoreip.split(",") print " printing the list ", ssh_ignoreip_list print " printing our standard ignore ip list ", s_ssh_ignoreip_list ##comparing standard ignore ip list with the list from conf file different_ssh_ignoreip = set(s_ssh_ignoreip_list).difference( ssh_ignoreip_list) if different_ssh_ignoreip == set(): print "SSH ignore ip list is ", ssh_ignoreip_list, ok else: print " SSH ignore ip list mismatched. You missed following IP from standard", different_ssh_ignoreip, warning non_standard_ssh_ignoreip = set(ssh_ignoreip_list).difference( s_ssh_ignoreip_list) print " SSH ignore ip list mismatched. You having following IP against the standard", non_standard_ssh_ignoreip, warning if s_ssh_enabled == str(ssh_enabled): print " SSH enable status is ", ssh_enabled, ok else: print " SSH enable status is ", ssh_enabled, warning if s_ssh_port == ssh_port: print " SSH port is ", ssh_port, ok else: print " SSH port is ", ssh_port, warning if s_ssh_filter == ssh_filter: print " SSH filter is ", ssh_filter, ok else: print " SSH filter is ", ssh_filter, warning if s_ssh_logpath == ssh_logpath: print " SSH logpath is ", ssh_logpath, ok else: print " SSH logpath is ", ssh_logpath, warning if s_ssh_maxretry == ssh_maxretry: print " SSH maxretry value is ", ssh_maxretry, ok else: print " SSH maxretry value is ", ssh_maxretry, warning if s_ssh_bantime == ssh_bantime: print " SSH bantime is ", ssh_bantime, ok else: print " SSH bantime is ", ssh_bantime, warning if s_ssh_findtime == ssh_findtime: print " SSH findtime is ", ssh_findtime, ok else: print " SSH findtime is ", ssh_findtime, warning
__author__ = 'sabin' import default_values import os from conf_loader.server_auditor_conf import conf from conf_loader import jail_conf ok = " .......................................[OK]" warning = " .......................................[WARNING]" #conf = serverAuditor_confLoader.load_config('serverAuditor.conf') #standards of fail2.ban s_ssh_ignoreip = conf.get("fail2ban.ssh_ignoreip_list") s_ssh_ignoreip_list = s_ssh_ignoreip.split(',') s_ssh_enabled = conf.get("fail2ban.ssh_enabled") s_ssh_port = conf.get("fail2ban.ssh_port") s_ssh_filter = conf.get("fail2ban.ssh_filter") s_ssh_logpath = conf.get("fail2ban.ssh_logpath") s_ssh_maxretry = conf.get("fail2ban.ssh_maxretry") s_ssh_bantime = conf.get("fail2ban.ssh_bantime") s_ssh_findtime = conf.get("fail2ban.ssh_findtime") # end of fail2ban standards ## end of standard ## checking presence of jail.conf or local.conf def file_presence(): try: