Debian 13 FORTRESS sysctl config not found #21

@Shadowblitz16

$ sudo ./verify_fortress.sh 

════════════════════════════════════════════════════════════════
  FORTRESS.SH Health Verification v5.2
════════════════════════════════════════════════════════════════

Date: Tue May 26 03:50:43 PM EDT 2026
Hostname: debian

[TEST 1] Basic System Commands
─────────────────────────────────────────────────
  ✓ ls command works
  ✓ cat command works
  ✓ echo command works
  ✓ bash works

[TEST 2] Network Connectivity
─────────────────────────────────────────────────
  ✗ IPv4 connectivity FAILED
      Hint: Check firewall rules and network configuration
  ⚠ DNS resolution may have issues

[TEST 3] Docker (if installed)
─────────────────────────────────────────────────
  Docker is installed
  ✓ Docker daemon is accessible
  Testing Docker container networking...
  ✗ Docker container networking FAILED
      Hint: Check net.ipv4.ip_forward in /etc/sysctl.d/99-fortress.conf
      Fix: Set net.ipv4.ip_forward = 1 and run: sudo sysctl -p

[TEST 4] Web Browsers (if installed)
─────────────────────────────────────────────────
  Testing firefox...
  ✓ firefox version check works
  Testing firefox-esr...
  ✓ firefox-esr version check works

[TEST 5] SSH Service
─────────────────────────────────────────────────
  ✓ SSH service is running
  ✓ SSH configuration syntax valid

[TEST 6] Firewall Status
─────────────────────────────────────────────────
  ✓ UFW firewall is active

[TEST 7] Critical Libraries
─────────────────────────────────────────────────
  ✓ libc.so.6 readable
  ✓ libstdc++.so.6 readable
  ✓ libm.so.6 readable
  ✓ libpthread.so.0 readable
  ✓ libdl.so.2 readable
  ✓ libgcc_s.so.1 readable

[TEST 8] AppArmor Status
─────────────────────────────────────────────────
  ✓ AppArmor service is running
  ✓ 18 profiles in enforce mode

[TEST 9] Audit Daemon
─────────────────────────────────────────────────
  ✓ Audit daemon is running

[TEST 10] Mount Options
─────────────────────────────────────────────────
  ✓ /dev/shm mount options OK for browsers

[TEST 11] FORTRESS Configuration
─────────────────────────────────────────────────
  ⚠ FORTRESS sysctl config not found

[TEST 12] SSH Configuration (v5.2)
─────────────────────────────────────────────────
  AllowTcpForwarding       = yes
  AllowAgentForwarding     = yes
  KbdInteractiveAuthentication = no
  MaxSessions              = 10
  PermitRootLogin          = without-password
  PasswordAuthentication   = yes
  ○ Looks like scanner-mode (TCP & agent forwarding enabled).
      OK for Nessus/CIS credentialed scans; revert with --force-server if unwanted.
  ✓ sshd_config parses cleanly

[TEST 13] Kernel Sysctl Hardening
─────────────────────────────────────────────────
  ⚠ kernel.yama.ptrace_scope = 0 (FORTRESS default is 1)
  ⚠ kernel.kptr_restrict = 0 (FORTRESS default is 2)
  ✓ kernel.dmesg_restrict = 1
  ✓ net.ipv4.tcp_syncookies = 1
  ✓ kernel.randomize_va_space = 2

════════════════════════════════════════════════════════════════
VERIFICATION SUMMARY
════════════════════════════════════════════════════════════════

  Passed:   24
  Failed:   2
  Warnings: 4

════════════════════════════════════════════════════════════════
  ⚠ SOME TESTS FAILED - ACTION REQUIRED
════════════════════════════════════════════════════════════════

Recommended fixes:

1. For library permission issues:
   sudo ./fix_library_permissions.sh

2. For Docker networking issues:
   sudo sed -i 's/net.ipv4.ip_forward = 0/net.ipv4.ip_forward = 1/' /etc/sysctl.d/99-fortress.conf
   sudo sysctl -p /etc/sysctl.d/99-fortress.conf

3. For browser issues:
   sudo sed -i 's/nodev,nosuid,noexec/nodev,nosuid/' /etc/fstab
   sudo mount -o remount /dev/shm

4. View full diagnostic:
   sudo ./PERM_diagnostic.sh
