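#!/bin/bash
#set -o xtrace
#
# This script is for grading your system. Please do NOT alter it, as it
# will put your results in a standard format to make it easy for me to
# grade.
#
# It appends service, package, web server, firewall and SSH configuration
# to a single report file ($file below) in a fixed order.
#
# The report contains copies of config.inc.php, passcheck2.inc, sshd_config
# and the iptables rule listing, so it is created readable by its owner only.
#
# "set -e" is deliberately not used: diff exits 1 when the compared files
# differ and yum check-update exits non-zero when updates are pending, and
# the report has to continue past both.

# Keep the report private; it aggregates configuration files.
umask 077

# ---------------------------------------------------------------------------
# Site-specific paths. Edit these to match YOUR install.
# ---------------------------------------------------------------------------

#set this directory to where YOUR chkrootkit install is located
#DO NOT put a / on the end of the path
#Did this via yum
#chkrootdir=/home/philw/chkrootkit-0.49
#Path to your secure web Document Root
secureweb=/var/www/secure
#Path to your plain virtual host Document Root
plainvirt=/var/www/html
#Path to virtual host Document Root that prevents bandwidth stealing
bandwidthvirt=/var/www/microsoft
#Path to virtual host DocumentRoot that has password setup for the directory
#(optional; leave empty when not configured)
#passwdvirt=/var/www/bob
passwdvirt=
#Path to users home web directory
userdirpath=/home/philw/public_html
#Path to your phpmyadmin install
phpmyadmin=/var/www/secure/chewie
#Path to your tripwire install
tripwire=/usr/local/sbin/
#Path to your original httpd.conf file
httpdorig=/root/configbackups/httpd.conf.orig
#Path to your virtualhosts setup file
virtualhosts=/etc/httpd/conf.d/virtualhosts.conf
#path to your original sshd_config file
sshd_orig=/root/configbackups/sshd_config.orig
#Path to Postfix install
postfix=/etc/postfix
#Path to VSFTPD config
vsftpdorg=/root/configbackups/vsftpd.conf.orig
#Name of MySQL db you created, with path
mysqldb=/var/lib/mysql/philsdb
#FULL path and name to the passcheck2.inc file
passcheck=/var/www/philcheck/passcheck2.inc
#Squirrel mail directory
#squirrelmail=/var/www/secure/webmail

# Report file. The on-screen messages below print this path so they always
# match the file that is actually written.
file="$HOME/gradefile226al"

#######################################
# Append each argument to the report as its own line; with no arguments,
# append a single empty line.
# Globals:   file (read)
# Arguments: zero or more lines of text
#######################################
note() {
  printf '%s\n' "$@" >> "$file"
}

#######################################
# Append a document root's long listing and the contents of its *.html and
# *.php files to the report.
# Globals:   file (read)
# Arguments: $1 - label used in the heading
#            $2 - directory path (may be empty)
#######################################
dump_webroot() {
  local label=$1
  local dir=$2

  note "Contents of $label $dir"
  # With an empty path, "ls -l" would list the current directory and the
  # globs would become /*.html and /*.php, so only the headings are written.
  if [ -n "$dir" ]; then
    ls -l -- "$dir" >> "$file"
  fi
  note "******"
  if [ -n "$dir" ]; then
    cat -- "$dir"/*.html >> "$file"
    cat -- "$dir"/*.php >> "$file"
  fi
}

# ---------------------------------------------------------------------------
# Instructions shown on the terminal
# ---------------------------------------------------------------------------
echo "This is the Spring 2011 version for CIS226AL using Centos 5.6"
echo "This is your final system grading script. It is quite simplistic, "
echo "but do NOT alter it, as I will expect things to come out in a "
echo "particular order, and if they do not, I will not grade your output"
echo "nor will I give you any credit for it."
echo "Now, before you continue, you must make sure that all your"
echo "assignments are DONE as well as the following"
echo "If you shut down sendmail, turn it back on!"
echo "ALSO, your NETWORK MUST BE UP TO CONTINUE"
echo "via chkconfig in run level 3"
echo "You can check the gradefile that is created as $file,"
echo "if it looks good"
echo "Then edit gradespring2011 and remove the comment on the very last line"
echo "Or just attach the $file to an email to me waclawski@mesacc.edu"

echo "Are you ready to continue? type y or n "
read -r choice
# Only an explicit "n" aborts; any other answer (including none) continues.
case "$choice" in
  n|N)
    echo "Please get everything ready and try again"
    exit 1
    ;;
  *)
    echo "Let's get going then"
    ;;
esac

echo "A gradefile will be created as"
echo "$file"

# Wipe the gradefile clean, tighten the mode of a file left over from an
# earlier run, then stamp it with the date.
if ! : > "$file"; then
  echo "Cannot write $file" >&2
  exit 1
fi
chmod 600 "$file"
date >> "$file"

echo "What is your name?"
read -r student
note "STUDENT NAME"
# printf via note(): a name such as "-n" must not be taken as an echo option.
note "$student"
note "Spring 2011 Gradescript for CIS226AL"
note "************************************************"
date >> "$file"
note "******************************************************"

# ---------------------------------------------------------------------------
# Runlevel 3 services
# ---------------------------------------------------------------------------
echo "Checking to see if runlevel 3 is properly set up"
note "Check to see that vsftpd, httpd is in runlevel 3" \
     "And check that mysql, ntp are also in runlevel 3" \
     "And that Nessus was added as well, though not necessarily started" \
     "And check for dovecot, postfix added as well" \
     " and that portmap, netfs, pcmcia etc are NOT"
ls /etc/rc.d/rc3.d/ >> "$file"
note "Make sure the system actually starts in runlevel 3"
grep "id:" /etc/inittab >> "$file"

# ---------------------------------------------------------------------------
# vsftpd
# ---------------------------------------------------------------------------
note "********VSFTPD SECTION *********"
note "is there a file in /var/ftp/pub?"
ls -a /var/ftp/pub >> "$file"
note "Look to see if anonymous ftp is on in vsftpd.conf"
diff "$vsftpdorg" /etc/vsftpd/vsftpd.conf >> "$file"
note "*****************************************************"
note
note "CHECK resolv.conf"
cat /etc/resolv.conf >> "$file"
note
date >> "$file"
note

# ---------------------------------------------------------------------------
# Packages, repositories and updates
# ---------------------------------------------------------------------------
note "****************************************************"
note "CHECKING VARIOUS RPMS THEY HAD TO INSTALL"
note
# Patterns are quoted so yum receives them, not files in the current
# directory that happen to match.
yum list 'squirrelmail*' >> "$file"
yum list postfix >> "$file"
yum list chkrootkit >> "$file"
note "***************************************************"
#echo "Checking chkrootkit installation" >> $file
#$chkrootdir/chkrootkit >> $file
note "***************************************"
note "Checking to see if the repos include rpmforge setup right"
ls /etc/yum.repos.d/ >> "$file"
note "Did they run their updates ? "
# Output of check-update goes to the terminal, only the verdict to the report.
yum check-update
updates=$?
# NOTE(review): yum check-update exits 100 when updates are pending and 1 on
# error; both are reported as pending updates here, so a yum failure (for
# example with the network down) reads the same as missing updates.
if [ "$updates" -ne 0 ]; then
  note "There are still updates that should be installed!!"
else
  note "All updates are installed via YUM "
fi
note "Did they install the mcrypt and other PHP modules for PHPmyadmin?"
yum list 'php*' >> "$file"
note "***************************************"
note "checking kernel version"
ls -l /boot >> "$file"
uname -a >> "$file"

# ---------------------------------------------------------------------------
# PortSentry
# ---------------------------------------------------------------------------
note "******************************************************"
note "CHECKING PORTSENTRY SETUP"
grep iptable /usr/local/psionic/portsentry2/portsentry.conf >> "$file"
note "Checking portsentry.ignore"
cat /usr/local/psionic/portsentry2/portsentry.ignore >> "$file"
note
note "IS PORTSENTRY started IN RC.LOCAL?" \
     "And is the proc setting in RC.LOCAL?"
cat /etc/rc.d/rc.local >> "$file"
note

# ---------------------------------------------------------------------------
# Apache: httpd.conf, virtual hosts, ssl.conf, document roots
# ---------------------------------------------------------------------------
note "***********************************************"
note " HTTPD.CONF!! "
note "THIS IS A BIGGY!! A copy of the httpd.conf file"
note "Looking for the following items: " \
     "1. the filename.inc protection " \
     "2. the userdir configuration " \
     "3. Virtual Hosts setups " \
     "3a. One with bandwidth stealing " \
     "3b. One with a directory password (optional)"
note "*******************httpd.conf diff output***********"
diff "$httpdorig" /etc/httpd/conf/httpd.conf >> "$file"
note "******Virtual hosts output****"
cat -- "$virtualhosts" >> "$file"
note "***********************************************"
note "***********************************************"
note " SSL.CONF "
tail -n 170 /etc/httpd/conf.d/ssl.conf | head -n 75 >> "$file"
note "********************************************"
date >> "$file"

dump_webroot "Secure web directory" "$secureweb"
dump_webroot "Plain virtual host directory" "$plainvirt"
dump_webroot "Bandwidth Prevention Virtual Host" "$bandwidthvirt"
dump_webroot "password protected virtual host" "$passwdvirt"
dump_webroot "Users Web Directory" "$userdirpath"

# ---------------------------------------------------------------------------
# phpMyAdmin, MySQL, md5 assignment
# ---------------------------------------------------------------------------
note "***********************************************************************"
note "CHECKING PHPMYADMIN CONFIG.INC.PHP file!"
cat -- "$phpmyadmin/config.inc.php" >> "$file"
note "***********************************************************************"
note "******CHECKING MYSQL DB setup *****"
ls -l -- "$mysqldb" >> "$file"
note "*******Checking md5 assignment setup"
cat -- "$passcheck" >> "$file"

# ---------------------------------------------------------------------------
# Tripwire
# ---------------------------------------------------------------------------
#THIS NEEDS TO BE TESTED IN CLASS!!!
note "Checking Tripwire Setup (do they have a db and a report?)"
ls -l -- "${tripwire%/}/tripwire" >> "$file"
ls -l /usr/local/lib/tripwire/report/ >> "$file"

# ---------------------------------------------------------------------------
# Firewall and sshd
# ---------------------------------------------------------------------------
note "***********************************************************************"
note "Checking Firewall Setup!!"
/sbin/iptables -t filter -L -v -n >> "$file"
note "********************************"
note "******************************"
note "*********************************"
note "checking sshd_config"
cat /etc/ssh/sshd_config >> "$file"
note "******************************************"
note "*****diff output for sshd_config**"
diff "$sshd_orig" /etc/ssh/sshd_config >> "$file"
note "****************"
note "Contents of rc.local file"
# cat rather than less: the output is redirected, so no pager is involved.
cat /etc/rc.d/rc.local >> "$file"
note "***********************************************************************"

# ---------------------------------------------------------------------------
# Closing instructions
# ---------------------------------------------------------------------------
echo "done check $file "
echo "If all goes well, re run the script after removing the # on the "
echo "very last line. Sendmail should be running, otherwise"
echo "use the redhat, server settings, services to start sendmail"
echo "or you can just copy the last line and run it on the command line"
echo "Safest way , you can just send it to me as an attachment via email"

# NOTE(review): the report includes config.inc.php, passcheck2.inc, the
# sshd_config and the firewall rules; mail gives it no encryption of its own.
# The literal path below is kept so the line can be pasted on the command
# line; it matches $file when the script was run as root.
#mail waclawski@mesacc.edu < /root/gradefile226al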