├── .github └── workflows │ └── super-linter.yml ├── README.md ├── ebs_volume_conversion ├── convert_ebs_volume_from_gp2_to_gp3.py └── volume_migration.json ├── ec2_instance_migration ├── README.md ├── migrate_instance.json └── migrate_instance.py ├── hard_vs_soft_link └── hard_vs_soft_link.sh ├── hard_vs_softlink.sh ├── performance_tuning ├── performance_tuning.sh └── performance_tuning_updated.sh ├── proc_vs_sys ├── check_interface_info.sh └── get_process_info.sh ├── python ├── installing_apache_using_platform.py └── subprocess │ └── extracting_last_column_from_ls_command.py ├── security_check └── security_check.sh ├── setuid_gid_stickybit └── setuid_setgid_stickybit.sh ├── showid ├── run_showid.sh ├── show_id.sh └── showid.c ├── ssh_log_analyzer └── ssh_log_analyzer_and_ip_blocker.sh ├── zombie.c └── zombie └── zombie.c /.github/workflows/super-linter.yml: -------------------------------------------------------------------------------- 1 | # This workflow executes several linters on changed files based on languages used in your code base whenever 2 | # you push a code or open a pull request. 3 | # 4 | # You can adjust the behavior by modifying this file. 5 | # For more information, see: 6 | # https://github.com/github/super-linter 7 | name: Lint Code Base 8 | 9 | on: 10 | push: 11 | branches: [ "main" ] 12 | pull_request: 13 | branches: [ "main" ] 14 | jobs: 15 | run-lint: 16 | runs-on: ubuntu-latest 17 | steps: 18 | - name: Checkout code 19 | uses: actions/checkout@v3 20 | with: 21 | # Full git history is needed to get a proper list of changed files within `super-linter` 22 | fetch-depth: 0 23 | 24 | - name: Lint Code Base 25 | uses: github/super-linter@v4 26 | env: 27 | VALIDATE_ALL_CODEBASE: false 28 | DEFAULT_BRANCH: "main" 29 | GITHUB_TOKEN: ${{ secrets.MY_GITHUB_TOKEN }} 30 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # 100DaysofDevOpsInterview 2 | -------------------------------------------------------------------------------- /ebs_volume_conversion/convert_ebs_volume_from_gp2_to_gp3.py: -------------------------------------------------------------------------------- 1 | import boto3 2 | from botocore.exceptions import BotoCoreError, ClientError 3 | import json 4 | 5 | ec2 = boto3.resource("ec2") 6 | 7 | def convert_volume(volume_id): 8 | try: 9 | volume = ec2.Volume(volume_id) 10 | if volume.volume_type == 'gp2': 11 | snapshot_choice = input(f"Do you want to take the snapshot of {volume_id} before converting it to gp3? (yes/no): ") 12 | if snapshot_choice.lower() == 'yes': 13 | snapshot = ec2.create_snapshot(VolumeId=volume_id, Description=f"Snapshot of volume {volume_id} before converting to gp3") 14 | print(f"Sucessfully created snapshot {snapshot.id} of volume {volume_id}") 15 | print("Now converting volume to gp3...") 16 | ec2.meta.client.modify_volume(VolumeId=volume_id, VolumeType='gp3') 17 | print(f'Sucessfully converted {volume_id} to gp3') 18 | else: 19 | print(f'Volume {volume_id} is not of type gp2. Skipped.') 20 | except BotoCoreError as e: 21 | print(f'Error from BotoCore on volume conversion: {e}') 22 | except ClientError as e: 23 | print(f'Error from AWS on volume conversion: {e}') 24 | except Exception as e: 25 | print(f'Unexpected error on volume conversion: {e}') 26 | 27 | try: 28 | with open('migrate_volume.json','r') as f: 29 | data = json.load(f) 30 | for item in data: 31 | convert_volume(item['volume_id']) 32 | except FileNotFoundError: 33 | print("The file migrate_volume.json was not found") 34 | except json.JSONDecodeError: 35 | print("There was an error decoding json from file migrate_volume.json") 36 | except Exception as e: 37 | print(f'Unexpected error: {e}') 38 | -------------------------------------------------------------------------------- /ebs_volume_conversion/volume_migration.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "volume_id": "vol-XXXXXX" 4 | } 5 | ] 6 | -------------------------------------------------------------------------------- /ec2_instance_migration/README.md: -------------------------------------------------------------------------------- 1 | # AWS EC2 Instance Migration Script 2 | 3 | This repository contains a Python script that automates the process of migrating AWS EC2 instances from one instance type to another. 4 | 5 | ## Overview 6 | The script works by: 7 | 8 | 1. Reading a JSON file that contains the instance IDs and the instance types to migrate to. 9 | 2. For each instance, the script does the following: 10 | * Stops the instance. 11 | * Creates an AMI (Amazon Machine Image) from the instance. 12 | * Waits for the AMI to become available. 13 | * Starts the instance again. 14 | * Creates a new instance from the AMI with the specified type. 15 | * Waits for the new instance to start. 16 | 17 | ## Prerequisites 18 | * Python 3 19 | * Boto3 library 20 | * AWS account with appropriate permissions to stop and start instances, create AMIs, and create instances. 21 | 22 | ## Usage 23 | 24 | Install the necessary Python library if you haven't done so: 25 | ```pip install boto3``` 26 | 27 | Clone the repository: 28 | ```git clone https://github.com/yourusername/yourrepository.git``` 29 | 30 | Update the JSON file with the instance IDs and instance types you want to migrate to. 31 | 32 | 33 | ## Run the script: 34 | ```python migrate_instances.py migrate_instances.json``` 35 | 36 | 🚨Remember that stopping and starting instances, creating AMIs, and creating new instances may result in additional costs and temporary unavailability of the instances. Always consider these factors and your application's requirements before performing these operations. 37 | 38 | ## License 39 | This project is licensed under the terms of the MIT license. 40 | -------------------------------------------------------------------------------- /ec2_instance_migration/migrate_instance.json: -------------------------------------------------------------------------------- 1 | [ 2 | { 3 | "instance_id": "i-XXXXXXXX", 4 | "instance_type": "t2.medium" 5 | }, 6 | { 7 | "instance_id": "i-XXXXXXX", 8 | "instance_type": "t2.micro" 9 | } 10 | ] 11 | 12 | -------------------------------------------------------------------------------- /ec2_instance_migration/migrate_instance.py: -------------------------------------------------------------------------------- 1 | import boto3 2 | from botocore.exceptions import BotoCoreError, ClientError 3 | import json 4 | from datetime import datetime 5 | import time 6 | 7 | ec2 = boto3.resource("ec2") 8 | 9 | def create_ami(instance_id): 10 | try: 11 | instance=ec2.Instance(instance_id) 12 | print(f'Stopping instance {instance_id}...') 13 | instance.stop() 14 | instance.wait_until_stopped() 15 | print(f'Instance {instance_id} stopped.') 16 | timestamp = datetime.now().strftime('%Y%m%d%H%M%S') 17 | image = instance.create_image(Name=f'Creating AMI for {instance_id} at {timestamp}') 18 | print(f'Creating image for instance {instance_id}...') 19 | image.wait_until_exists() 20 | while image.state == 'pending': 21 | print('Waiting for image to become available...') 22 | time.sleep(10) 23 | image.reload() 24 | print(f'Sucessfully create image {image.id} using instance {instance_id}') 25 | print(f'Starting instance {instance_id}...') 26 | instance.start() 27 | instance.wait_until_running() 28 | print(f'Instance {instance_id} started.') 29 | 30 | return image.id 31 | except BotoCoreError as e: 32 | print(f'There is an error from Botocore during image creation: {e}') 33 | except ClientError as e: 34 | print(f'There is an error from AWS during image creation: {e}') 35 | except Exception as e: 36 | print(f'Error: Due AMI creation: {e}') 37 | 38 | def create_ec2_instance(image_id, instance_type): 39 | try: 40 | print(f'Creating instance from image {image_id}...') 41 | instances = ec2.create_instances( 42 | ImageId=image_id, 43 | InstanceType=instance_type, 44 | MinCount=1, 45 | MaxCount=1 46 | ) 47 | instance = instances[0] 48 | instance.wait_until_running() 49 | print(f'Successfully created instance {instance.id} with type {instance_type}') 50 | except BotoCoreError as e: 51 | print(f'Error from BotoCore on instance creation: {e}') 52 | except ClientError as e: 53 | print(f'Error from AWS on instance creation: {e}') 54 | except Exception as e: 55 | print(f'Unexpected error on instance creation: {e}') 56 | 57 | 58 | try: 59 | with open('migrate_instance.json','r') as f: 60 | data = json.load(f) 61 | for item in data: 62 | image_id = create_ami(item['instance_id']) 63 | if image_id: 64 | create_ec2_instance(image_id, item['instance_type']) 65 | except FileNotFoundError: 66 | print("The file migrate_instance.json was not found") 67 | except json.JSONDecodeError: 68 | print("There was an error decoding json from file migrate_instance.json") 69 | except Exception as e: 70 | print(f'Unexpected error: {e}') 71 | -------------------------------------------------------------------------------- /hard_vs_soft_link/hard_vs_soft_link.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Create a new file 4 | echo "The comparison between hard and soft link" > testfile 5 | 6 | # Create a hardlink to this file 7 | ln testfile hardlink 8 | 9 | # Create a softlink to this file 10 | ln -s testfile softlink 11 | 12 | # Display the inode number to these files 13 | echo "Inode numbers: " 14 | ls -li testfile hardlink softlink 15 | 16 | # Modify the content of the original file 17 | echo "Updating contents" > testfile 18 | 19 | # Let's view the content of original, softlink and hardlink file 20 | echo "Contents of the original file" 21 | cat testfile 22 | echo "Contents of the hardlink file" 23 | cat hardlink 24 | echo "Contents of the softlink file" 25 | cat softlink 26 | 27 | # Let's remove the original file 28 | rm testfile 29 | 30 | # Let's check if we can still access the content of the file through the hard and soft link 31 | echo "Content of the hardlink after deleting the original file" 32 | cat hardlink 33 | echo "Content of the softlink after deleting the original file" 34 | cat softlink 35 | 36 | # Display the inode number after deleting test file 37 | echo "Inode numbers: " 38 | ls -li testfile hardlink softlink 39 | -------------------------------------------------------------------------------- /hard_vs_softlink.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Create a new file 4 | echo "The comparison between hard and soft link" > testfile 5 | 6 | # Create a hardlink to this file 7 | ln testfile hardlink 8 | 9 | # Create a softlink to this file 10 | ln -s testfile softlink 11 | 12 | # Display the inode number to these files 13 | echo "Inode numbers: " 14 | ls -li testfile hardlink softlink 15 | 16 | # Modify the content of the original file 17 | echo "Updating contents" > testfile 18 | 19 | # Let's view the content of original, softlink and hardlink file 20 | echo "Contents of the original file" 21 | cat testfile 22 | echo "Contents of the hardlink file" 23 | cat hardlink 24 | echo "Contents of the softlink file" 25 | cat softlink 26 | 27 | # Let's remove the original file 28 | rm testfile 29 | 30 | # Let's check if we can still access the content of the file through the hard and soft link 31 | echo "Content of the hardlink after deleting the original file" 32 | cat hardlink 33 | echo "Content of the softlink after deleting the original file" 34 | cat softlink 35 | -------------------------------------------------------------------------------- /performance_tuning/performance_tuning.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # This script is the quick check to detect whether the performance issue is due to CPU, Memory, Input/Output (I/O), and network error 3 | # This script should work on both CentOS and macOS 4 | 5 | 6 | # Check if the load average is greater than 70% of the CPU cores 7 | load_avg=$(w | head -n 1 | awk '{print $9}' |cut -f1 -d",") 8 | num_cores=$(nproc) 9 | max_load=$(echo "0.7 * $num_cores" | bc) 10 | 11 | if [[ $(echo "$load_avg > $max_load" | bc) -eq 1 ]]; then 12 | #Print a message if the load average is too high 13 | echo -e "\033[1;31m CPU load average is currently $load_avg, which is higher than the maximum of $max_load \033[0m" >&2 14 | else 15 | # Print a message if the load average is within the acceptable range 16 | echo -e "\033[1;32m CPU load average is currently $load_avg, which is within the acceptable range.\033[0m" 17 | fi 18 | 19 | # Set the memory average threshold 20 | THRESHOLD=90 21 | 22 | # Get the total memory and used memory in bytes 23 | total_memory=$(grep 'MemTotal' /proc/meminfo | awk '{print $2}') 24 | available_memory=$(grep 'MemAvailable' /proc/meminfo | awk '{print $2}') 25 | 26 | # Calculate the actual memory utilization as a percentage 27 | memory_utilization=$(echo "scale=2; ($total_memory - $available_memory)/$total_memory * 100" | bc) 28 | 29 | # Compare the memory utilization with the threshold 30 | if (( $(echo "$memory_utilization > $THRESHOLD" | bc -l) )) 31 | then 32 | echo -e "\033[1;32m Memory utilization is above the threshold!!! Memory utilization is: $utilization% \033[0m" 33 | else 34 | echo -e "\033[1;32m Memory utilizationis currently $memory_utilization, which is within the acceptable range.\033[0m" 35 | fi 36 | 37 | # Check the I/O wait state 38 | 39 | iowait_state=$(top -b -n 1 | head -n +3|awk '{print $10}'|tail -1 |bc) 40 | if [[ $(echo "$iowait_state > 1" | bc) -eq 1 ]]; then 41 | #Print a message IOWAIT is too high 42 | echo -e "\033[1;31m IOWAIT is currently $iowait_state, which is higher than the acceptable range \033[0m" >&2 43 | else 44 | # Print a message IOWAIT is within the acceptable range 45 | echo -e "\033[1;32m IOWAIT is currently $iowait_state, which is within the acceptable range.\033[0m" 46 | fi 47 | 48 | # Check if ifconfig command is present 49 | if command -v ifconfig >/dev/null 2>&1; then 50 | echo "ifconfig command is present" 51 | else 52 | echo "ifconfig command is not present. Installing..." 53 | # Install ifconfig command 54 | if [ -f /etc/centos-release ]; then 55 | # CentOS 56 | sudo yum install -y net-tools 57 | elif [ -f /etc/lsb-release ]; then 58 | # Ubuntu 59 | sudo apt-get update 60 | sudo apt-get install -y net-tools 61 | else 62 | # Unsupported OS 63 | echo "Unsupported operating system" 64 | exit 1 65 | fi 66 | fi 67 | 68 | #Get the network interface name or ask input from the user 69 | #interface=$1 70 | interface=$(ifconfig |head -1|awk '{print $1}' |cut -f1 -d:) 71 | 72 | # Get the RX error count 73 | rx_error_count=$(ifconfig $interface | grep "RX errors" |awk '{print $3}') 74 | 75 | # Get the TX error count 76 | tx_error_count=$(ifconfig $interface | grep "TX errors" |awk '{print $3}') 77 | 78 | # Check if either error count is greater than zero 79 | # Remember these counter only get reset after reboot, so you may get some false alarm. Check this thread for more reference https://unix.stackexchange.com/questions/164057/how-can-i-manually-reset-rx-tx-counters-in-ifconfig-output-without-impacting-d 80 | if [[ $rx_error_count -gt 0 || $tx_error_count -gt 0 ]]; then 81 | #Print a message Network error count is too high 82 | echo -e "\033[1;31m Network Error is currently for Revieve Error: $rx_error_count and Transmit Error: $tx_error_count, which is higher than the acceptable range \033[0m" >&2 83 | else 84 | # Print a message Network error count is within the acceptable range 85 | echo -e "\033[1;32m Network Error is currently for Revieve Error: $rx_error_count and Transmit Error: $tx_error_count, which is within the acceptable range.\033[0m" 86 | fi 87 | -------------------------------------------------------------------------------- /performance_tuning/performance_tuning_updated.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # This script is the quick check to detect whether the performance issue is due to CPU, Memory, Input/Output (I/O), and network error 3 | 4 | function check_cpu() { 5 | load_avg=$(w | head -n 1 | awk '{print $9}' |cut -f1 -d",") 6 | num_cores=$(nproc) 7 | max_load=$(echo "0.7 * $num_cores" | bc) 8 | 9 | if [[ $(echo "$load_avg > $max_load" | bc) -eq 1 ]]; then 10 | echo -e "\033[1;31m CPU load average is currently $load_avg, which is higher than the maximum of $max_load \033[0m" >&2 11 | return 1 12 | else 13 | echo -e "\033[1;32m CPU load average is currently $load_avg, which is within the acceptable range.\033[0m" 14 | return 0 15 | fi 16 | } 17 | 18 | function check_memory() { 19 | THRESHOLD=90 20 | 21 | total_memory=$(grep 'MemTotal' /proc/meminfo | awk '{print $2}') 22 | available_memory=$(grep 'MemAvailable' /proc/meminfo | awk '{print $2}') 23 | 24 | memory_utilization=$(echo "scale=2; ($total_memory - $available_memory)/$total_memory * 100" | bc) 25 | 26 | if (( $(echo "$memory_utilization > $THRESHOLD" | bc -l) )) 27 | then 28 | echo -e "\033[1;32m Memory utilization is above the threshold!!! Memory utilization is: $utilization% \033[0m" 29 | return 1 30 | else 31 | echo -e "\033[1;32m Memory utilizationis currently $memory_utilization, which is within the acceptable range.\033[0m" 32 | return 0 33 | fi 34 | } 35 | 36 | function check_io() { 37 | iowait_state=$(top -b -n 1 | head -n +3|awk '{print $10}'|tail -1 |bc) 38 | if [[ $(echo "$iowait_state > 1" | bc) -eq 1 ]]; then 39 | echo -e "\033[1;31m IOWAIT is currently $iowait_state, which is higher than the acceptable range \033[0m" >&2 40 | return 1 41 | else 42 | echo -e "\033[1;32m IOWAIT is currently $iowait_state, which is within the acceptable range.\033[0m" 43 | return 0 44 | fi 45 | } 46 | 47 | function check_network() { 48 | if ! command -v ifconfig >/dev/null 2>&1; then 49 | echo "ifconfig command is not present. Installing..." 50 | if [ -f /etc/centos-release ]; then 51 | sudo yum install -y net-tools 52 | elif [ -f /etc/lsb-release ]; then 53 | sudo apt-get update 54 | sudo apt-get install -y net-tools 55 | else 56 | echo "Unsupported operating system" 57 | exit 1 58 | fi 59 | fi 60 | 61 | interface=$(ifconfig |head -1|awk '{print $1}' |cut -f1 -d:) 62 | 63 | rx_error_count=$(ifconfig $interface | grep "RX errors" |awk '{print $3}') 64 | 65 | tx_error_count=$(ifconfig $interface | grep "TX errors" |awk '{print $3}') 66 | 67 | if [[ $rx_error_count -gt 0 || $tx_error_count -gt 0 ]]; then 68 | echo -e "\033[1;31m Network Error is currently for Receive Error: $rx_error_count and Transmit Error: $tx_error_count, which is higher than the acceptable range \033[0m" >&2 69 | return 1 70 | else 71 | echo -e "\033[1;32m Network Error is currently for Receive Error: $rx_error_count and Transmit Error: $tx_error_count, which is within the acceptable range.\033[0m" 72 | return 0 73 | fi 74 | } 75 | 76 | function send_email() { 77 | # Replace with your email 78 | recipient="youremail@example.com" 79 | subject="Alert: System performance issue detected" 80 | body="One or more performance issues have been detected on the system. Please check the system immediately." 81 | echo "$body" | mail -s "$subject" $recipient 82 | } 83 | 84 | function main() { 85 | check_cpu || send_email 86 | check_memory || send_email 87 | check_io || send_email 88 | check_network || send_email 89 | } 90 | 91 | main 92 | -------------------------------------------------------------------------------- /proc_vs_sys/check_interface_info.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Get the process ID 4 | interface="$1" 5 | 6 | # Check if the Interface ID is provided 7 | if [ $# -lt 1 ]; then 8 | echo "Please provide the interface ID" 9 | exit 1 10 | fi 11 | 12 | # Display the Mac Address of the interface 13 | echo "Mac address for the interface $interface" 14 | cat /sys/class/net/$interface/address 15 | echo 16 | 17 | # Display the MTU of the interface 18 | echo "MTU for the interface $interface" 19 | cat /sys/class/net/$interface/mtu 20 | echo 21 | 22 | # Display the operational state of the interface 23 | echo "Operational state for the $interface" 24 | cat /sys/class/net/$interface/operstate 25 | -------------------------------------------------------------------------------- /proc_vs_sys/get_process_info.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Get the process ID 4 | pid="$1" 5 | 6 | # Check if the process ID is provided 7 | if [ $# -lt 1 ]; then 8 | echo "Please provide the process ID" 9 | exit 1 10 | fi 11 | 12 | # Display the command line of the process 13 | echo "The command line for the process $pid" 14 | cat /proc/$pid/cmdline 15 | echo 16 | 17 | # Display the environment variable for the process 18 | echo "The command line for the process $pid" 19 | cat /proc/$pid/environ 20 | echo 21 | 22 | # Display the status of the process 23 | echo "Status of the process $pid" 24 | cat /proc/$pid/status 25 | -------------------------------------------------------------------------------- /python/installing_apache_using_platform.py: -------------------------------------------------------------------------------- 1 | import platform 2 | import subprocess 3 | import sys 4 | 5 | 6 | def apache_installation(): 7 | try: 8 | #First step is to detect the operating system 9 | os_info = platform.platform() 10 | 11 | #After checking the operating system, install the OS based on that 12 | if "Ubuntu" in os_info: 13 | subprocess.check_call(['sudo', 'apt-get', 'update']) 14 | subprocess.check_call(['sudo', 'apt-get', '-y', 'install','apache2']) 15 | elif "centos" in os_info: 16 | subprocess.check_call(['sudo', 'yum','-y', 'update']) 17 | subprocess.check_call(['sudo', 'yum', '-y', 'install','httpd']) 18 | else: 19 | print("Unsupported operating system") 20 | sys.exit(1) 21 | 22 | print("Apache installed sucessfully") 23 | 24 | except subprocess.CalledProcessError as e: 25 | print(f"Error occured while installing apache: {e}") 26 | sys.exit(1) 27 | except Exception as e: 28 | print(f"An unexpected error occur: {e}") 29 | sys.exit(1) 30 | 31 | apache_installation() -------------------------------------------------------------------------------- /python/subprocess/extracting_last_column_from_ls_command.py: -------------------------------------------------------------------------------- 1 | import subprocess 2 | import sys 3 | 4 | try: 5 | result = subprocess.run(['ls', '-l'], capture_output=True, text=True, check=True) 6 | except subprocess.CalledProcessError as e: 7 | print(f"The 'ls -l' command failed with return code {e.returncode}", file=sys.stderr) 8 | sys.exit(e.returncode) 9 | except Exception as e: 10 | print(f"An unexpected error occurred: {e}", file=sys.stderr) 11 | sys.exit(1) 12 | 13 | lines = result.stdout.splitlines() 14 | for line in lines: 15 | filename = line.split()[-1] 16 | print(filename) 17 | -------------------------------------------------------------------------------- /security_check/security_check.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Define different color codes 4 | RED='\033[0;31m' 5 | GREEN='\033[0;32m' 6 | NO_COLOR='\033[0m' 7 | 8 | # Check if Password Authentication is disabled for SSH 9 | if grep -q "^PasswordAuthentication no" /etc/ssh/sshd_config; then 10 | echo -e "${GREEN}Password Authentication is disabled for SSH${NO_COLOR}" 11 | else 12 | echo -e "${RED}Error: Password Authentication is not disabled for SSH${NO_COLOR}" 13 | fi 14 | 15 | # Check if root login is disabled for SSH 16 | if grep -q "^PermitRootLogin no" /etc/ssh/sshd_config; then 17 | echo -e "${GREEN}Root login is disabled for SSH${NO_COLOR}" 18 | else 19 | echo -e "${RED}Error: Root login is not disabled for SSH${NO_COLOR}" 20 | fi 21 | 22 | # Check if SELinux is enforcing 23 | if getenforce | grep -q 'Enforcing'; then 24 | echo -e "${GREEN}SELinux is enforcing${NO_COLOR}" 25 | else 26 | echo -e "${RED}Error: SELinux is not enforcing${NO_COLOR}" 27 | fi 28 | 29 | # Check for unwanted services for eg: cups 30 | if systemctl is-active --quiet cups; then 31 | echo -e "${RED}Error: cups service is running${NO_COLOR}" 32 | else 33 | echo -e "${GREEN}cups service is not running${NO_COLOR}" 34 | fi 35 | 36 | # Check if firewall is running 37 | if systemctl is-active --quiet firewalld; then 38 | echo -e "${GREEN}Firewall is active${NO_COLOR}" 39 | else 40 | echo -e "${RED}Error: Firewall is not active${NO_COLOR}" 41 | fi 42 | 43 | # Check if system packages are up-to-date 44 | # NOTE: yum check-update will return an exit code of 100 if updates are available and 0 if not, which can make it seem like an error has occurred even if the command was successful 45 | if yum check-update; then 46 | echo -e "${GREEN}System packages are up-to-date${NO_COLOR}" 47 | else 48 | echo -e "${RED}Error: System packages are not up-to-date${NO_COLOR}" 49 | fi 50 | -------------------------------------------------------------------------------- /setuid_gid_stickybit/setuid_setgid_stickybit.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Create a file 4 | touch mysuidfile 5 | 6 | if [ $? -ne 0 ]; then 7 | echo "Error creating file!" 8 | exit 1 9 | fi 10 | 11 | # Set SETUID on the file 12 | chmod +x mysuidfile 13 | chmod u+s mysuidfile 14 | 15 | if [ $? -ne 0 ]; then 16 | echo "Error setting SETUID!" 17 | exit 2 18 | fi 19 | 20 | # Verify that the SETUID was set correctly 21 | perms=$(ls -l mysuidfile) 22 | if [[ $perms != *s* ]]; then 23 | echo "SETUID was not set correctly!" 24 | exit 3 25 | else 26 | echo "SETUID was set correctly." 27 | fi 28 | 29 | # Create a directory 30 | mkdir mysgiddir 31 | 32 | # Set SETGID on the directory 33 | chmod g+s mysgiddir 34 | 35 | if [ $? -ne 0 ]; then 36 | echo "Error setting SETGID!" 37 | exit 4 38 | fi 39 | 40 | # Verify that the SETGID was set correctly 41 | perms=$(ls -ld mysgiddir) 42 | if [[ $perms != *s* ]]; then 43 | echo "SETGID was not set correctly!" 44 | exit 5 45 | else 46 | echo "SETGID was set correctly." 47 | fi 48 | # Create a directory 49 | mkdir mystickybitdir 50 | # Set Sticky Bit on the directory 51 | chmod o+t mystickybitdir 52 | 53 | if [ $? -ne 0 ]; then 54 | echo "Error setting Sticky Bit!" 55 | exit 6 56 | fi 57 | 58 | # Verify that the Sticky Bit was set correctly 59 | perms=$(ls -ld mystickybitdir) 60 | if [[ $perms != *t* ]]; then 61 | echo "Sticky Bit was not set correctly!" 62 | exit 7 63 | else 64 | echo "Sticky Bit was set correctly." 65 | fi 66 | 67 | # Clean up 68 | rm mysuidfile 69 | rmdir mysgiddir 70 | rmdir mystickybitdir 71 | 72 | if [ $? -ne 0 ]; then 73 | echo "Error deleting files and directory!" 74 | exit 8 75 | fi 76 | 77 | exit 0 78 | -------------------------------------------------------------------------------- /showid/run_showid.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Printing the real and effective user ID before SUID bit is set 4 | echo "Printing the real and effective user ID before SUID bit is set" 5 | ./showid 6 | 7 | # Changing the ownership of the file to root user 8 | echo "Changing the ownership of the file to root user" 9 | sudo chown root:root ./setid 10 | 11 | # Setting the SUID bit 12 | echo "Setting the SUID bit" 13 | sudo chmod u+s ./showid 14 | 15 | # Printing the real and effective user ID after SUID bit is set 16 | echo "Printing the real and effective user ID after SUID bit is set" 17 | ./showid 18 | -------------------------------------------------------------------------------- /showid/show_id.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Check if the filename is provided 4 | if [ $# -lt 1 ]; then 5 | echo "Please provide the file or directory name" 6 | exit 1 7 | fi 8 | 9 | # Fetch current permissions 10 | perms=$(stat -c "%a" "$1") 11 | 12 | # Check with user if he want to setup the SUID, SGID or Sticky Bit 13 | read -p "Do you want to setup the SUID bit? (yes/no): " suid 14 | read -p "Do you want to setup the SGID bit? (yes/no): " sgid 15 | read -p "Do you want to setup the Sticky bit? (yes/no): " sticky 16 | 17 | # Setup SUID, SGID or Sticky Bit if not already set 18 | if [ "$suid" == "yes" ]; then 19 | if (( (perms & 04000) != 04000 )); then 20 | chmod u+s "$1" 21 | else 22 | echo "SUID bit is already set." 23 | fi 24 | fi 25 | 26 | if [ "$sgid" == "yes" ]; then 27 | if (( (perms & 02000) != 02000 )); then 28 | chmod g+s "$1" 29 | else 30 | echo "SGID bit is already set." 31 | fi 32 | fi 33 | 34 | if [ "$sticky" == "yes" ]; then 35 | if (( (perms & 01000) != 01000 )); then 36 | chmod o+t "$1" 37 | else 38 | echo "Sticky bit is already set." 39 | fi 40 | fi 41 | 42 | # Display the permission 43 | ls -l "$1" 44 | -------------------------------------------------------------------------------- /showid/showid.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | 4 | int main(){ 5 | printf("Real UID: %d\n", getuid()); 6 | printf("Effective UID: %d\n", geteuid()); 7 | return 0; 8 | } 9 | -------------------------------------------------------------------------------- /ssh_log_analyzer/ssh_log_analyzer_and_ip_blocker.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | 3 | # Name of the log file 4 | LOGFILE="/var/log/secure" 5 | 6 | # The threshold for blocking an IP address(Please modify it based on your requirement) 7 | THRESHOLD=5 8 | 9 | # Check if the log file exists and is readable 10 | if [[ ! -e "$LOGFILE" ]]; then 11 | echo "Error: $LOGFILE does not exist." >&2 12 | exit 1 13 | elif [[ ! -r "$LOGFILE" ]]; then 14 | echo "Error: $LOGFILE is not readable." >&2 15 | exit 1 16 | fi 17 | 18 | # Create a timestamp, this we will use with temporary file 19 | timestamp=$(date +%Y%m%d%H%M%S) 20 | 21 | # Use the above timestamp to create temporary file to store the unique IP 22 | TMPFILE=$(mktemp /tmp/ip_list."$timestamp".XXXXX) || { echo "Error: Failed to create temporary file."; exit 1; } 23 | 24 | # Extract the IP addresses from the log file and count the number of occurence 25 | grep -oE "\b([0-9]{1,3}\.){3}[0-9]{1,3}\b" "$LOGFILE" | sort | uniq -c > "$TMPFILE" 26 | 27 | while read -r line; do 28 | # Get the count of IP address(first field) and IP address(second field) 29 | COUNT=$(echo "$line" | awk '{print $1}') 30 | IP=$(echo "$line" | awk '{print $2}') 31 | 32 | # If the count of IP address is greater than threshold, block the particular IP address 33 | if [[ "$COUNT" -ge "$THRESHOLD" ]]; then 34 | echo "Blocking IP $IP" 35 | iptables -A INPUT -s "$IP" -j DROP || { echo "Error: Failed to block IP $IP"; exit 1; } 36 | fi 37 | done < "$TMPFILE" 38 | 39 | # Remove the temporary file 40 | rm "$TMPFILE" || { echo "Error: Failed to remove temp file."; exit 1; } 41 | -------------------------------------------------------------------------------- /zombie.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | 5 | int main() { 6 | pid_t child_pid = fork(); 7 | 8 | if (child_pid > 0) { 9 | // Parent process 10 | sleep(600); // Sleep for a while to allow the child process to become a zombie 11 | } else if (child_pid == 0) { 12 | // Child process 13 | exit(0); // Child process exits immediately, becoming a zombie 14 | } 15 | 16 | return 0; 17 | } 18 | -------------------------------------------------------------------------------- /zombie/zombie.c: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | 5 | int main() { 6 | pid_t child_pid = fork(); 7 | 8 | if (child_pid > 0) { 9 | // Parent process 10 | sleep(600); // Sleep for a while to allow the child process to become a zombie 11 | } else if (child_pid == 0) { 12 | // Child process 13 | exit(0); // Child process exits immediately, becoming a zombie 14 | } 15 | 16 | return 0; 17 | } 18 | --------------------------------------------------------------------------------