UNIX Auditing Script

Came across this script to collect information on your unix host for auditing purposes:

<—————————————————-CUT———————————————————————–>

#!/bin/sh
echo ‘# Hostname: ‘`hostname`  >> audit.out
echo ‘# Date: ‘`date` >> audit.out
echo Audit Tests >> audit.out
echo User Accounts >> audit.out
cat /etc/passwd >> audit.out
echo Shadow File >> audit.out
cat /etc/shadow >> audit.out
ls -l /etc/shadow >> audit.out
echo Groups >> audit.out
cat /etc/group >> audit.out
echo Internet Services >> audit.out
cat /etc/inetd.conf >> audit.out
echo Services >> audit.out
cat /etc/services >> audit.out
echo Trusted Hosts >> audit.out
cat /etc/hosts.equiv >> audit.out
echo FTP Users control >> audit.out
cat /etc/ftpusers >> audit.out
echo Syslog Config >> audit.out
cat /etc/syslog.conf >> audit.out
echo sulog >> audit.out
cat /var/adm/sulog >> audit.out
echo Checking for all SUID files…
echo suid >> audit.out
find / -perm -4000 -type f -exec ls -l {} \; >> audit.out
echo Checking for all SGID files…
echo sgid >> audit.out
find / -perm -2000 -type f -exec ls -l {} \; >> audit.out
echo Checking for all World-Writable directories
echo wwd >> audit.out
find / -perm -2 -type d -print >> audit.out
echo Checking for all World-Writable files…
echo wwf >> audit.out
find / -perm -2 -type f -exec ls -l {} \; >> audit.out
echo Checking for all .rhosts files…
echo rhosts >> audit.out
find / -name .rhosts -exec ls -l {} \; >> audit.out
echo Checking for all .forward files…
echo forward >> audit.out
echo Checking for all .netrc files…
echo netrc >> audit.out
find / -name .netrc -exec ls -l {} \; >> audit.out
echo network tests >> audit.out
echo rpcinfo >> audit.out
rpcinfo -p >> audit.out
echo ifconfig >> audit.out
ifconfig >> audit.out
echo netstat info >> audit.out
netstat -an >> audit.out
echo nfs showmount >> audit.out
showmount -e >> audit.out
echo end of test >> audit.out

<—————————————————-CUT———————————————————————–>