#!/bin/bash
# Check for unusual open ports
echo "Scanning for unusual open ports..."
netstat -tunlp
# Check for suspicious processes
echo "Checking for suspicious processes..."
ps aux | grep -E 'nc|netcat|bash|perl|python|ruby'
# Check for unauthorized users
echo "Checking for unauthorized users..."
lastlog | grep -v 'Never logged in'
# Check for suspicious cron jobs
echo "Checking for suspicious cron jobs..."
crontab -l
ls /etc/cron.d/
ls /etc/cron.daily/
ls /etc/cron.hourly/
ls /etc/cron.monthly/
ls /etc/cron.weekly/
# Check for unusual files in common directories
echo "Checking for unusual files in common directories..."
find /tmp -type f
find /var/tmp -type f
find /dev/shm -type f
echo "Scan complete."
