Defence tools for CDDC
- Patches bash against Shellshock
- Prompts the user to change the root password
- Patches VSFTPD to remove a known vulnerability
- Hardens the SSH configuration
  - Disables root SSH login
  - Whitelists only the public and greyhats accounts
  - Enables public key authentication
  - Enforces public key authentication for the greyhats account
  - Configures a chroot jail for public users
- Hardens the FTP configuration
  - Enforces a user list (which contains only public)
  - Configures a chroot jail for public users
- Creates a chroot jail for public users
- Makes important files immutable
- Adds a greyhats user
- Sets up iptables rules specific to the services required in CDDC
- Performs file integrity monitoring and restoration on selected files
  - Works best for small files
- ARP monitoring script that does active and passive detection of ARP poisoning
  - Checks whether any physical address is claiming more than one IP address, both by doing an active ARP ping and by scanning through the machine's ARP table
  - TODO: Also check whether an IP address is claimed by more than one physical address (a possible sign of ARP poisoning)
- Cleans up after itself and sets proper permissions on its scripts

To harden, run harden_system.sh
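The passive half of the ARP check described above, as an added illustration that is not one of the repository's scripts: it parses the Linux /proc/net/arp layout and reports a MAC claiming several IPs (the existing check) and an IP whose MAC changed between two snapshots (the TODO case). The snapshot contents and the function names are constructed for the example.

```python
from collections import defaultdict

# Constructed snapshots in /proc/net/arp layout. In the second one the
# gateway's MAC has changed to one that also claims 192.168.1.20.
SNAPSHOT_BEFORE = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         aa:bb:cc:dd:ee:01     *        eth0
192.168.1.20     0x1         0x2         de:ad:be:ef:00:01     *        eth0
192.168.1.30     0x1         0x0         00:00:00:00:00:00     *        eth0
"""
SNAPSHOT_AFTER = """\
IP address       HW type     Flags       HW address            Mask     Device
192.168.1.1      0x1         0x2         de:ad:be:ef:00:01     *        eth0
192.168.1.20     0x1         0x2         de:ad:be:ef:00:01     *        eth0
192.168.1.30     0x1         0x2         aa:bb:cc:dd:ee:30     *        eth0
"""

def parse_arp_table(text):
    """Map ip -> mac for complete entries (flag 0x2 = ATF_COM); skip the header
    and incomplete rows, whose MAC is all zeros."""
    table = {}
    for line in text.splitlines()[1:]:
        fields = line.split()
        if len(fields) < 6 or not int(fields[2], 16) & 0x2:
            continue
        table[fields[0]] = fields[3].lower()
    return table

def macs_with_multiple_ips(table):
    """MACs claiming more than one IP in one snapshot. A router or a host with
    IP aliases does this legitimately, so treat hits as leads to verify."""
    ips_by_mac = defaultdict(set)
    for ip, mac in table.items():
        ips_by_mac[mac].add(ip)
    return {mac: sorted(ips) for mac, ips in ips_by_mac.items() if len(ips) > 1}

def ips_with_changed_mac(before, after):
    """IPs whose MAC differs between snapshots. The kernel keeps one MAC per IP
    per interface, so 'one IP, several MACs' only shows up as a change over time."""
    return {ip: (before[ip], after[ip]) for ip in before
            if ip in after and before[ip] != after[ip]}

def check_snapshots(before_text, after_text):
    """Run both checks on two table snapshots and return the findings."""
    before, after = parse_arp_table(before_text), parse_arp_table(after_text)
    return {"mac_multi_ip": macs_with_multiple_ips(after),
            "ip_mac_changed": ips_with_changed_mac(before, after)}

if __name__ == "__main__":
    # On a live host, read /proc/net/arp twice a few seconds apart instead.
    print(check_snapshots(SNAPSHOT_BEFORE, SNAPSHOT_AFTER))
```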