[H[2J[3J[0;32m
╔══════════════════════════════════════════════════════════════════╗
║                    AUDITORÍA COMPLETA DEL VPS                   ║
║                         Ubuntu 24.04                            ║
╚══════════════════════════════════════════════════════════════════╝
[0m

[0;34m================================================================================[0m
[0;34m1. INFORMACIÓN DEL SISTEMA[0m
[0;34m================================================================================[0m

Hostname: [0;32msv-2jK2fxf55r.cloud.elastika.pe[0m
Fecha y Hora: [0;32mWed Jun 11 05:16:42 AM -05 2025[0m
Uptime: [0;32mup 14 weeks, 1 day, 1 hour, 17 minutes[0m
Kernel: [0;32m6.8.0-31-generic[0m
Arquitectura: [0;32mx86_64[0m
Distribución: [0;32mUbuntu 24.04.2 LTS[0m

[0;36m--- Información de CPU ---[0m
Modelo: [0;32mQEMU Virtual CPU version 2.5+ pc-i440fx-8.2 CPU @ 2.0GHz[0m
Núcleos: [0;32m2[0m
Carga actual: [0;32m0.00 0.11 0.08[0m

[0;36m--- Información de Memoria ---[0m
               total        used        free      shared  buff/cache   available
Mem:           1.9Gi       413Mi       164Mi       5.4Mi       1.5Gi       1.5Gi
Swap:             0B          0B          0B

[0;36m--- Espacio en Disco ---[0m
Filesystem      Size  Used Avail Use% Mounted on
tmpfs           192M  984K  192M   1% /run
/dev/sda1        40G  6.9G   31G  19% /
tmpfs           960M     0  960M   0% /dev/shm
tmpfs           5.0M     0  5.0M   0% /run/lock
tmpfs           192M   12K  192M   1% /run/user/0

[0;34m================================================================================[0m
[0;34m2. SERVICIOS Y PROCESOS[0m
[0;34m================================================================================[0m


[0;36m--- Servicios del Sistema Activos ---[0m
  apache-htcacheclean.service              loaded active running Disk Cache Cleaning Daemon for Apache HTTP Server
  apache2.service                          loaded active running The Apache HTTP Server
  kmod-static-nodes.service                loaded active exited  Create List of Static Device Nodes

[0;36m--- Puertos Abiertos ---[0m
tcp6       0      0 :::22                   :::*                    LISTEN      1/systemd           
tcp6       0      0 :::80                   :::*                    LISTEN      33077/apache2       
tcp6       0      0 :::443                  :::*                    LISTEN      33077/apache2       

[0;36m--- Procesos que más CPU/Memoria consumen ---[0m
USER         PID %CPU %MEM    VSZ   RSS TTY      STAT START   TIME COMMAND
root     1456802  0.0  5.8 165092 115148 ?       S<s  May17  12:10 /usr/lib/systemd/systemd-journald
root          17  0.0  0.0      0     0 ?        I    Mar04  40:51 [rcu_preempt]
root       18170  0.0  1.3 223452 27008 ?        SLsl Mar04  23:01 /sbin/multipathd -d -s
root           1  0.0  0.6  22576 13312 ?        Ss   Mar04  19:52 /usr/lib/systemd/systemd --system --deserialize=60
root     1836295  0.0  0.0      0     0 ?        I    03:39   0:00 [kworker/1:1-events]
syslog     30467  0.0  0.2 222508  5888 ?        Ssl  Mar04  16:30 /usr/sbin/rsyslogd -n -iNONE
root       11259  0.0  0.4  12016  8064 ?        Ss   Mar04  15:09 sshd: /usr/sbin/sshd -D [listener] 1 of 10-100 startups
root       33077  0.0  1.8 237516 35480 ?        Ss   Mar04  14:20 /usr/sbin/apache2 -k start
root       28071  0.0  1.7 588612 34364 ?        Ssl  Mar04  13:35 /usr/libexec/fwupd/fwupd

[0;34m================================================================================[0m
[0;34m3. SERVIDORES WEB[0m
[0;34m================================================================================[0m


[0;36m--- Apache HTTP Server ---[0m
Estado: [0;32mInstalado[0m
Versión: [0;32mServer version: Apache/2.4.58 (Ubuntu)[0m
Servicio: [0;32mActivo[0m
Archivo de configuración principal: [1;33m/etc/apache2/apache2.conf[0m
Sitios disponibles:
-rw-r--r-- 1 root root 1286 Mar 18  2024 000-default.conf
-rw-r--r-- 1 root root 1454 Feb 26 13:26 apietvasa.transporteurbanogps.click.conf
-rw-r--r-- 1 root root  971 Feb 26 13:26 apietvasa.transporteurbanogps.click-le-ssl.conf
-rw-r--r-- 1 root root 4573 Mar 18  2024 default-ssl.conf
Sitios habilitados:
lrwxrwxrwx 1 root root   59 Feb 26 13:17 apietvasa.transporteurbanogps.click.conf -> ../sites-available/apietvasa.transporteurbanogps.click.conf
lrwxrwxrwx 1 root root   76 Feb 26 13:26 apietvasa.transporteurbanogps.click-le-ssl.conf -> /etc/apache2/sites-available/apietvasa.transporteurbanogps.click-le-ssl.conf
Módulos habilitados:
Loaded Modules:
 core_module (static)
 so_module (static)
 watchdog_module (static)
 http_module (static)
 log_config_module (static)
 logio_module (static)
 version_module (static)
 unixd_module (static)
 access_compat_module (shared)

[0;36m--- Nginx ---[0m
Estado: [0;31mNo instalado[0m

[0;36m--- Lighttpd ---[0m
Estado: [0;31mNo instalado[0m

[0;34m================================================================================[0m
[0;34m4. LENGUAJES DE PROGRAMACIÓN[0m
[0;34m================================================================================[0m


[0;36m--- PHP ---[0m
Estado: [0;32mInstalado[0m
Versión: [0;32mPHP 8.3.6 (cli) (built: Dec  2 2024 12:36:18) (NTS)[0m
Archivo de configuración: [1;33m/etc/php/8.3/cli/php.ini[0m
Extensiones instaladas (algunas):
curl
gd
json
libxml
mbstring
mysqli
pdo_mysql
xml
xmlreader
xmlwriter
PHP-FPM: [0;31mNo activo[0m

[0;36m--- Python ---[0m
Python 3: [0;32mPython 3.12.3[0m

[0;36m--- Node.js ---[0m
Estado: [0;31mNo instalado[0m

[0;36m--- Java ---[0m
Estado: [0;31mNo instalado[0m

[0;36m--- Ruby ---[0m
Estado: [0;31mNo instalado[0m

[0;34m================================================================================[0m
[0;34m5. BASES DE DATOS[0m
[0;34m================================================================================[0m


[0;36m--- MySQL ---[0m
Estado: [0;31mNo instalado[0m

[0;36m--- MariaDB ---[0m
Estado: [0;31mNo instalado[0m

[0;36m--- PostgreSQL ---[0m
Estado: [0;31mNo instalado[0m

[0;36m--- Redis ---[0m
Estado: [0;31mNo instalado[0m

[0;34m================================================================================[0m
[0;34m6. HERRAMIENTAS Y SERVICIOS ADICIONALES[0m
[0;34m================================================================================[0m


[0;36m--- Docker ---[0m
Estado: [0;31mNo instalado[0m

[0;36m--- Composer ---[0m
Composer: [0;32mComposer version 2.8.6 2025-02-25 13:03:50[0m

[0;36m--- Git ---[0m
Git: [0;32mgit version 2.43.0[0m

[0;36m--- Certbot ---[0m
Certbot: [0;32mcertbot 2.9.0[0m
Certificados SSL instalados:

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Found the following certs:
  Certificate Name: apietvasa.transporteurbanogps.click
    Serial Number: 5e28403620a5af11a2b06174b8987052222
    Key Type: ECDSA
    Domains: apietvasa.transporteurbanogps.click
    Expiry Date: 2025-08-01 05:32:34+00:00 (VALID: 50 days)
    Certificate Path: /etc/letsencrypt/live/apietvasa.transporteurbanogps.click/fullchain.pem
    Private Key Path: /etc/letsencrypt/live/apietvasa.transporteurbanogps.click/privkey.pem
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

[0;36m--- Fail2ban ---[0m
Estado: [0;31mNo instalado[0m

[0;34m================================================================================[0m
[0;34m7. SEGURIDAD Y FIREWALL[0m
[0;34m================================================================================[0m


[0;36m--- UFW (Uncomplicated Firewall) ---[0m
UFW instalado: [0;32mSí[0m
Estado: Status: active
Reglas activas:
Status: active

     To                         Action      From
     --                         ------      ----
[ 1] 80                         ALLOW IN    Anywhere                  
[ 2] 22                         ALLOW IN    Anywhere                  
[ 3] 443                        ALLOW IN    Anywhere                  
[ 4] 80 (v6)                    ALLOW IN    Anywhere (v6)             
[ 5] 22 (v6)                    ALLOW IN    Anywhere (v6)             
[ 6] 443 (v6)                   ALLOW IN    Anywhere (v6)             


[0;36m--- SSH ---[0m
SSH: [0;32mActivo[0m
Puerto SSH:
Puerto por defecto (22)
Configuración de autenticación:
PermitRootLogin yes

[0;34m================================================================================[0m
[0;34m8. USUARIOS Y GRUPOS[0m
[0;34m================================================================================[0m


[0;36m--- Usuarios del Sistema ---[0m
Usuarios con shell de login:
root  0  root

[0;36m--- Usuarios con privilegios sudo ---[0m


[0;34m================================================================================[0m
[0;34m9. LOGS Y MONITOREO[0m
[0;34m================================================================================[0m


[0;36m--- Logs del Sistema (últimas 10 líneas) ---[0m
[1;33mSyslog:[0m
2025-06-11T05:16:28.870416-05:00 sv-2jK2fxf55r kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:fb:42:67:00:de:fb:c8:6d:a7:08:00 SRC=179.43.191.98 DST=161.132.38.41 LEN=40 TOS=0x00 PREC=0x00 TTL=236 ID=54321 PROTO=TCP SPT=45922 DPT=8000 WINDOW=65535 RES=0x00 SYN URGP=0 
2025-06-11T05:16:40.283270-05:00 sv-2jK2fxf55r kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:fb:42:67:00:de:fb:c8:6d:a7:08:00 SRC=185.242.226.54 DST=161.132.38.41 LEN=44 TOS=0x00 PREC=0x00 TTL=237 ID=54321 PROTO=TCP SPT=44732 DPT=8284 WINDOW=65535 RES=0x00 SYN URGP=0 
2025-06-11T05:16:51.168799-05:00 sv-2jK2fxf55r qemu-ga: info: guest-file-open called, filepath: /proc/meminfo, mode: r
2025-06-11T05:16:51.169210-05:00 sv-2jK2fxf55r qemu-ga: info: guest-file-open, handle: 20105
2025-06-11T05:16:51.264355-05:00 sv-2jK2fxf55r qemu-ga: info: guest-file-close called, handle: 20105

[1;33mAuth log:[0m
2025-06-11T05:15:11.623038-05:00 sv-2jK2fxf55r sshd[1839224]: pam_unix(sshd:auth): check pass; user unknown
2025-06-11T05:15:11.623160-05:00 sv-2jK2fxf55r sshd[1839224]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.82.93.28 
2025-06-11T05:15:14.314967-05:00 sv-2jK2fxf55r sshd[1839224]: Failed password for invalid user king from 103.82.93.28 port 51354 ssh2
2025-06-11T05:15:15.109141-05:00 sv-2jK2fxf55r sshd[1839224]: Received disconnect from 103.82.93.28 port 51354:11: Bye Bye [preauth]
2025-06-11T05:15:15.109412-05:00 sv-2jK2fxf55r sshd[1839224]: Disconnected from invalid user king 103.82.93.28 port 51354 [preauth]

[1;33mApache Error Log:[0m
[Wed Jun 11 00:00:03.612967 2025] [mpm_prefork:notice] [pid 33077] AH00163: Apache/2.4.58 (Ubuntu) OpenSSL/3.0.13 configured -- resuming normal operations
[Wed Jun 11 00:00:03.613159 2025] [core:notice] [pid 33077] AH00094: Command line: '/usr/sbin/apache2'

[0;34m================================================================================[0m
[0;34m10. TAREAS PROGRAMADAS[0m
[0;34m================================================================================[0m


[0;36m--- Cron Jobs del Sistema ---[0m
/etc/cron.d/:
drwxr-xr-x   2 root root 4096 Feb 26 13:22 .
drwxr-xr-x 116 root root 4096 Jun 11 05:11 ..
-rw-r--r--   1 root root  802 Apr 16  2023 certbot
-rw-r--r--   1 root root  201 Apr  8  2024 e2scrub_all
-rw-r--r--   1 root root  712 Jan 18  2024 php
-rw-r--r--   1 root root  102 Apr 23  2024 .placeholder
-rw-r--r--   1 root root  396 Apr 23  2024 sysstat

/etc/cron.daily/:
drwxr-xr-x   2 root root 4096 Feb 26 12:53 .
drwxr-xr-x 116 root root 4096 Jun 11 05:11 ..
-rwxr-xr-x   1 root root  539 Mar 18  2024 apache2
-rwxr-xr-x   1 root root  376 Apr 18  2024 apport
-rwxr-xr-x   1 root root 1478 Mar 22  2024 apt-compat
-rwxr-xr-x   1 root root  123 Feb  4  2024 dpkg
-rwxr-xr-x   1 root root  377 Apr 23  2024 logrotate
-rwxr-xr-x   1 root root 1395 Apr 23  2024 man-db
-rw-r--r--   1 root root  102 Apr 23  2024 .placeholder
-rwxr-xr-x   1 root root  518 Apr 23  2024 sysstat

/etc/cron.hourly/:
drwxr-xr-x   2 root root 4096 Apr 26  2024 .
drwxr-xr-x 116 root root 4096 Jun 11 05:11 ..
-rw-r--r--   1 root root  102 Apr 23  2024 .placeholder

/etc/cron.monthly/:
drwxr-xr-x   2 root root 4096 Apr 26  2024 .
drwxr-xr-x 116 root root 4096 Jun 11 05:11 ..
-rw-r--r--   1 root root  102 Apr 23  2024 .placeholder

/etc/cron.weekly/:
drwxr-xr-x   2 root root 4096 Apr 26  2024 .
drwxr-xr-x 116 root root 4096 Jun 11 05:11 ..
-rwxr-xr-x   1 root root   73 Apr 26  2024 fstrim
-rwxr-xr-x   1 root root 1055 Apr 23  2024 man-db
-rw-r--r--   1 root root  102 Apr 23  2024 .placeholder

/etc/cron.yearly/:
drwxr-xr-x   2 root root 4096 Apr 26  2024 .
drwxr-xr-x 116 root root 4096 Jun 11 05:11 ..
-rw-r--r--   1 root root  102 Apr 23  2024 .placeholder

[0;36m--- Cron Jobs de Usuarios ---[0m

[0;34m================================================================================[0m
[0;34m11. RESUMEN DE LA AUDITORÍA[0m
[0;34m================================================================================[0m

[0;32m✓ Servidores Web:[0m
  - Apache: Instalado
  - Nginx: No instalado

[0;32m✓ Bases de Datos:[0m
  - MySQL: No instalado
  - MariaDB: No instalado
  - PostgreSQL: No instalado
  - Redis: No instalado

[0;32m✓ Lenguajes:[0m
  - PHP: Instalado
  - Python 3: Instalado
  - Node.js: No instalado

[0;32m✓ Herramientas:[0m
  - Docker: No instalado
  - Git: Instalado
  - Composer: Instalado

[0;34m================================================================================[0m
[0;34mAuditoría completada en: Wed Jun 11 05:16:52 AM -05 2025[0m
[0;34mPara más detalles, revisa las secciones específicas arriba.[0m
[0;34m================================================================================[0m

[1;33mSugerencias:[0m
1. Guarda este reporte: ./audit_script.sh > server_audit_20250611.txt
2. Revisa los logs de errores si hay servicios inactivos
3. Actualiza los paquetes regularmente: sudo apt update && sudo apt upgrade
4. Considera configurar backups automáticos
5. Revisa la configuración de seguridad (SSH, Firewall, Fail2ban)