Advertisement
devinteske

SECOPS .bash_profile

Jul 10th, 2024
325
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Bash 1.69 KB | Cybersecurity | 0 0
  1. # Put this in your ~/.bash_profile
  2.  
  3. #
  4. # OS Specifics
  5. # NB: Requires uname(1) -- from base system
  6. #
  7. : "${UNAME_s:=$( uname -s )}"
  8. unset Linux
  9. case "$UNAME_s" in
  10. Linux) Linux=$( lsb_release -si 2> /dev/null ) || Linux=1 ;;
  11. esac
  12.  
  13. #
  14. # Security
  15. #
  16. ME=you@somewhere
  17. BASTION_LOC1="1.2.3.4 2.3.4.5"
  18. BASTION_LOC2="3.4.5.6 4.5.6.7 5.6.7.8"
  19. BASTIONS="$BASTION_LOC1 $BASTION_LOC2"
  20. if [ "$SSH_CLIENT" ]; then
  21.         SSH_CLIENT_HOST="${SSH_CLIENT%%[$IFS]*}" # first word
  22.         _expected=
  23.         for _host in $BASTIONS; do
  24.                 [ "$SSH_CLIENT_HOST" = "$_host" ] || continue
  25.                 _expected=1
  26.                 break
  27.         done
  28.         [ "$_expected" ] ||
  29.                 mail -s "[SECOPS] Unexpected ssh" "$ME" <<-EOM
  30.                         From $SSH_CLIENT_HOST to $HOSTNAME
  31.  
  32.                         Please forward to security
  33.  
  34.                         Environment variables:
  35.                         $( set )
  36.                 EOM
  37.         unset _expected _host
  38. elif [ "$Linux" ]; then
  39.         SU_USER=$( ps auxwwf | awk -v pid=$$ 'BEGIN{getline hdr;
  40.                lines[1]=hdr;match(hdr,"COMMAND");C=RSTART}{
  41.                lines[NR]=$0}$2==pid{P=NR;U=$1}END{while(1){
  42.                $0=lines[P];if($1!=U){if($1=="root")U=$1;else{found=1
  43.                break}}if(substr($0,C,1)!=" ")break;if(--P<1)break}
  44.                print found?$1:"root"}' )
  45.         [ "$SU_USER" = "$USER" ] ||
  46.                 mail -s "[SECOPS] Unexpected su" "$ME" <<-EOM
  47.                         $SU_USER just became you on $HOSTNAME
  48.  
  49.                         Please forward to security
  50.  
  51.                         Environment variables:
  52.                         $( set )
  53.                 EOM
  54. fi
  55.  
Tags: SECOPS
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement