Reorganize Security & Monitoring menu with sub-menus
Issue: Security menu had 17 flat options, hard to navigate New Structure: Main Security Menu now has 5 organized categories: 1) 📊 Threat Analysis (5 tools) - Bot & Traffic Analyzer (full + quick scan) - IP Reputation Manager - Suspicious Login Monitor - Malware Scanner 2) 🔴 Live Monitoring (4 tools) - Live Attack Monitor - SSH Attack Monitor - Web Traffic Monitor - Firewall Activity Monitor 3) 📋 Log Viewers (4 tools) - Apache Access/Error logs - Mail log - Security log 4) 🔒 Security Actions (3 tools) - Enable cPHulk - Optimize CT_LIMIT - Block Malicious Bots 5) 🛠️ System Diagnostics (1 tool) - Historical Attack Analysis Implementation: - Added 5 sub-menu show/handle function pairs (10 functions) - Simplified main security menu to 5 category options - Maintained all existing module paths (no breaking changes) - Total: +163 lines, -39 lines (net +124 lines) Benefits: - Easier navigation - fewer options per screen - Logical grouping - related tools together - Scalable - easy to add new tools to categories - Clearer purpose - category names show intent Testing: ✓ Syntax validated ✓ All function calls preserved ✓ Navigation flow: Main → Category → Tool → Back Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This commit is contained in:
cschantz
+163
-39
@@ -110,41 +110,177 @@ show_main_menu() {
|
|||||||
# SECURITY & MONITORING
|
# SECURITY & MONITORING
|
||||||
#############################################################################
|
#############################################################################
|
||||||
|
|
||||||
show_security_menu() {
|
#############################################################################
|
||||||
|
# SECURITY SUB-MENUS
|
||||||
|
#############################################################################
|
||||||
|
|
||||||
|
# Threat Analysis Sub-Menu
|
||||||
|
show_threat_analysis_menu() {
|
||||||
show_banner
|
show_banner
|
||||||
echo -e "${GREEN}${BOLD}🛡️ Security & Monitoring${NC}"
|
echo -e "${GREEN}${BOLD}📊 Threat Analysis${NC}"
|
||||||
echo ""
|
|
||||||
echo -e "${BOLD}Threat Analysis:${NC}"
|
|
||||||
echo ""
|
echo ""
|
||||||
echo -e " ${CYAN}1)${NC} 🤖 Bot & Traffic Analyzer - Full analysis (all logs)"
|
echo -e " ${CYAN}1)${NC} 🤖 Bot & Traffic Analyzer - Full analysis (all logs)"
|
||||||
echo -e " ${CYAN}2)${NC} 🤖 Quick Scan (1 hour) - Recent activity only"
|
echo -e " ${CYAN}2)${NC} 🤖 Quick Scan (1 hour) - Recent activity only"
|
||||||
echo -e " ${CYAN}3)${NC} 📊 IP Reputation Manager - Query/manage IP database"
|
echo -e " ${CYAN}3)${NC} 📊 IP Reputation Manager - Query/manage IP database"
|
||||||
echo -e " ${CYAN}4)${NC} 🦠 Malware Scanner - ImunifyAV, ClamAV, Maldet"
|
echo -e " ${CYAN}4)${NC} 🔐 Suspicious Login Monitor - SSH/Panel login analysis"
|
||||||
echo -e " ${CYAN}17)${NC} 🔐 Suspicious Login Monitor - SSH/Panel login analysis"
|
echo -e " ${CYAN}5)${NC} 🦠 Malware Scanner - ImunifyAV, ClamAV, Maldet"
|
||||||
echo ""
|
echo ""
|
||||||
echo -e "${BOLD}Live Monitoring:${NC}"
|
echo -e " ${RED}0)${NC} Back to Security Menu"
|
||||||
echo ""
|
echo ""
|
||||||
echo -e " ${MAGENTA}5)${NC} 📡 Live Attack Monitor - Unified threat intelligence"
|
echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}"
|
||||||
echo -e " ${MAGENTA}6)${NC} 🔐 SSH Attack Monitor - SSH brute force detection"
|
echo -n "Select option: "
|
||||||
echo -e " ${MAGENTA}7)${NC} 🌐 Web Traffic Monitor - HTTP attack detection"
|
}
|
||||||
echo -e " ${MAGENTA}8)${NC} 🔥 Firewall Activity Monitor - CSF/iptables monitoring"
|
|
||||||
|
handle_threat_analysis_menu() {
|
||||||
|
while true; do
|
||||||
|
show_threat_analysis_menu
|
||||||
|
read -r choice
|
||||||
|
|
||||||
|
case $choice in
|
||||||
|
1) run_module "security" "bot-analyzer.sh" ;;
|
||||||
|
2) run_module "security" "bot-analyzer.sh" -H 1 ;;
|
||||||
|
3) run_module "security" "ip-reputation-manager.sh" ;;
|
||||||
|
4) run_module "security" "suspicious-login-monitor.sh" ;;
|
||||||
|
5) run_module "security" "malware-scanner.sh" ;;
|
||||||
|
0) return ;;
|
||||||
|
*) echo -e "${RED}Invalid option${NC}"; sleep 1 ;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
# Live Monitoring Sub-Menu
|
||||||
|
show_live_monitoring_menu() {
|
||||||
|
show_banner
|
||||||
|
echo -e "${MAGENTA}${BOLD}🔴 Live Monitoring${NC}"
|
||||||
echo ""
|
echo ""
|
||||||
echo -e "${BOLD}Log Viewers:${NC}"
|
echo -e " ${MAGENTA}1)${NC} 📡 Live Attack Monitor - Unified threat intelligence"
|
||||||
|
echo -e " ${MAGENTA}2)${NC} 🔐 SSH Attack Monitor - SSH brute force detection"
|
||||||
|
echo -e " ${MAGENTA}3)${NC} 🌐 Web Traffic Monitor - HTTP attack detection"
|
||||||
|
echo -e " ${MAGENTA}4)${NC} 🔥 Firewall Activity Monitor - CSF/iptables monitoring"
|
||||||
echo ""
|
echo ""
|
||||||
echo -e " ${CYAN}9)${NC} Tail Apache Access Log - Live web access"
|
echo -e " ${RED}0)${NC} Back to Security Menu"
|
||||||
echo -e " ${CYAN}10)${NC} Tail Apache Error Log - Live web errors"
|
|
||||||
echo -e " ${CYAN}11)${NC} Tail Mail Log - Live email activity"
|
|
||||||
echo -e " ${CYAN}12)${NC} Tail Security Log - Live auth attempts"
|
|
||||||
echo ""
|
echo ""
|
||||||
echo -e "${BOLD}Security Actions:${NC}"
|
echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}"
|
||||||
|
echo -n "Select option: "
|
||||||
|
}
|
||||||
|
|
||||||
|
handle_live_monitoring_menu() {
|
||||||
|
while true; do
|
||||||
|
show_live_monitoring_menu
|
||||||
|
read -r choice
|
||||||
|
|
||||||
|
case $choice in
|
||||||
|
1) run_module "security" "live-attack-monitor.sh" ;;
|
||||||
|
2) run_module "security" "ssh-attack-monitor.sh" ;;
|
||||||
|
3) run_module "security" "web-traffic-monitor.sh" ;;
|
||||||
|
4) run_module "security" "firewall-activity-monitor.sh" ;;
|
||||||
|
0) return ;;
|
||||||
|
*) echo -e "${RED}Invalid option${NC}"; sleep 1 ;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
# Log Viewers Sub-Menu
|
||||||
|
show_log_viewers_menu() {
|
||||||
|
show_banner
|
||||||
|
echo -e "${BLUE}${BOLD}📋 Log Viewers${NC}"
|
||||||
echo ""
|
echo ""
|
||||||
echo -e " ${YELLOW}13)${NC} 🔒 Enable cPHulk Protection - Brute force protection"
|
echo -e " ${BLUE}1)${NC} 🌐 Apache Access Log - Live web access"
|
||||||
echo -e " ${YELLOW}14)${NC} ⚙️ Optimize CT_LIMIT - Connection tracking tuning"
|
echo -e " ${BLUE}2)${NC} ❌ Apache Error Log - Live web errors"
|
||||||
echo -e " ${YELLOW}16)${NC} 🤖 Block Malicious Bots - User-Agent blocking (Apache)"
|
echo -e " ${BLUE}3)${NC} 📧 Mail Log - Live email activity"
|
||||||
|
echo -e " ${BLUE}4)${NC} 🔐 Security Log - Live auth attempts"
|
||||||
echo ""
|
echo ""
|
||||||
echo -e "${BOLD}Analysis Tools:${NC}"
|
echo -e " ${RED}0)${NC} Back to Security Menu"
|
||||||
echo ""
|
echo ""
|
||||||
echo -e " ${GREEN}15)${NC} 🛡️ Historical Attack Analysis - Scan past logs for attacks (ET Open)"
|
echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}"
|
||||||
|
echo -n "Select option: "
|
||||||
|
}
|
||||||
|
|
||||||
|
handle_log_viewers_menu() {
|
||||||
|
while true; do
|
||||||
|
show_log_viewers_menu
|
||||||
|
read -r choice
|
||||||
|
|
||||||
|
case $choice in
|
||||||
|
1) run_module "security" "tail-apache-access.sh" ;;
|
||||||
|
2) run_module "security" "tail-apache-error.sh" ;;
|
||||||
|
3) run_module "security" "tail-mail-log.sh" ;;
|
||||||
|
4) run_module "security" "tail-secure-log.sh" ;;
|
||||||
|
0) return ;;
|
||||||
|
*) echo -e "${RED}Invalid option${NC}"; sleep 1 ;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
# Security Actions Sub-Menu
|
||||||
|
show_security_actions_menu() {
|
||||||
|
show_banner
|
||||||
|
echo -e "${YELLOW}${BOLD}🔒 Security Actions${NC}"
|
||||||
|
echo ""
|
||||||
|
echo -e " ${YELLOW}1)${NC} 🔒 Enable cPHulk Protection - Brute force protection"
|
||||||
|
echo -e " ${YELLOW}2)${NC} ⚙️ Optimize CT_LIMIT - Connection tracking tuning"
|
||||||
|
echo -e " ${YELLOW}3)${NC} 🤖 Block Malicious Bots - User-Agent blocking (Apache)"
|
||||||
|
echo ""
|
||||||
|
echo -e " ${RED}0)${NC} Back to Security Menu"
|
||||||
|
echo ""
|
||||||
|
echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}"
|
||||||
|
echo -n "Select option: "
|
||||||
|
}
|
||||||
|
|
||||||
|
handle_security_actions_menu() {
|
||||||
|
while true; do
|
||||||
|
show_security_actions_menu
|
||||||
|
read -r choice
|
||||||
|
|
||||||
|
case $choice in
|
||||||
|
1) run_module "security" "enable-cphulk.sh" ;;
|
||||||
|
2) run_module "security" "optimize-ct-limit.sh" ;;
|
||||||
|
3) run_module "security" "bot-blocker.sh" ;;
|
||||||
|
0) return ;;
|
||||||
|
*) echo -e "${RED}Invalid option${NC}"; sleep 1 ;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
# System Diagnostics Sub-Menu
|
||||||
|
show_system_diagnostics_menu() {
|
||||||
|
show_banner
|
||||||
|
echo -e "${GREEN}${BOLD}🛠️ System Diagnostics${NC}"
|
||||||
|
echo ""
|
||||||
|
echo -e " ${GREEN}1)${NC} 🛡️ Historical Attack Analysis - Scan past logs (ET Open)"
|
||||||
|
echo ""
|
||||||
|
echo -e " ${RED}0)${NC} Back to Security Menu"
|
||||||
|
echo ""
|
||||||
|
echo -e "${CYAN}──────────────────────────────────────────────────────────────${NC}"
|
||||||
|
echo -n "Select option: "
|
||||||
|
}
|
||||||
|
|
||||||
|
handle_system_diagnostics_menu() {
|
||||||
|
while true; do
|
||||||
|
show_system_diagnostics_menu
|
||||||
|
read -r choice
|
||||||
|
|
||||||
|
case $choice in
|
||||||
|
1) bash "$BASE_DIR/tools/analyze-historical-attacks.sh" ;;
|
||||||
|
0) return ;;
|
||||||
|
*) echo -e "${RED}Invalid option${NC}"; sleep 1 ;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
}
|
||||||
|
|
||||||
|
#############################################################################
|
||||||
|
# MAIN SECURITY MENU
|
||||||
|
#############################################################################
|
||||||
|
|
||||||
|
show_security_menu() {
|
||||||
|
show_banner
|
||||||
|
echo -e "${GREEN}${BOLD}🛡️ Security & Monitoring${NC}"
|
||||||
|
echo ""
|
||||||
|
echo -e " ${CYAN}1)${NC} 📊 Threat Analysis → Analyze threats & reputation"
|
||||||
|
echo -e " ${MAGENTA}2)${NC} 🔴 Live Monitoring → Real-time attack detection"
|
||||||
|
echo -e " ${BLUE}3)${NC} 📋 Log Viewers → Tail system/security logs"
|
||||||
|
echo -e " ${YELLOW}4)${NC} 🔒 Security Actions → Hardening & protection"
|
||||||
|
echo -e " ${GREEN}5)${NC} 🛠️ System Diagnostics → Analyze past attacks"
|
||||||
echo ""
|
echo ""
|
||||||
echo -e " ${RED}0)${NC} Back to Main Menu"
|
echo -e " ${RED}0)${NC} Back to Main Menu"
|
||||||
echo ""
|
echo ""
|
||||||
@@ -158,23 +294,11 @@ handle_security_menu() {
|
|||||||
read -r choice
|
read -r choice
|
||||||
|
|
||||||
case $choice in
|
case $choice in
|
||||||
1) run_module "security" "bot-analyzer.sh" ;;
|
1) handle_threat_analysis_menu ;;
|
||||||
2) run_module "security" "bot-analyzer.sh" -H 1 ;;
|
2) handle_live_monitoring_menu ;;
|
||||||
3) run_module "security" "ip-reputation-manager.sh" ;;
|
3) handle_log_viewers_menu ;;
|
||||||
4) run_module "security" "malware-scanner.sh" ;;
|
4) handle_security_actions_menu ;;
|
||||||
5) run_module "security" "live-attack-monitor.sh" ;;
|
5) handle_system_diagnostics_menu ;;
|
||||||
6) run_module "security" "ssh-attack-monitor.sh" ;;
|
|
||||||
7) run_module "security" "web-traffic-monitor.sh" ;;
|
|
||||||
8) run_module "security" "firewall-activity-monitor.sh" ;;
|
|
||||||
9) run_module "security" "tail-apache-access.sh" ;;
|
|
||||||
10) run_module "security" "tail-apache-error.sh" ;;
|
|
||||||
11) run_module "security" "tail-mail-log.sh" ;;
|
|
||||||
12) run_module "security" "tail-secure-log.sh" ;;
|
|
||||||
13) run_module "security" "enable-cphulk.sh" ;;
|
|
||||||
14) run_module "security" "optimize-ct-limit.sh" ;;
|
|
||||||
15) bash "$BASE_DIR/tools/analyze-historical-attacks.sh" ;;
|
|
||||||
16) run_module "security" "bot-blocker.sh" ;;
|
|
||||||
17) run_module "security" "suspicious-login-monitor.sh" ;;
|
|
||||||
0) return ;;
|
0) return ;;
|
||||||
*) echo -e "${RED}Invalid option${NC}"; sleep 1 ;;
|
*) echo -e "${RED}Invalid option${NC}"; sleep 1 ;;
|
||||||
esac
|
esac
|
||||||
|
|||||||
Reference in New Issue
Block a user