A can-of-worms, opening you are...
Start taking a look at your running services as well as what is chkconfig'ed to startup.
Code:
/sbin/service --status-all
/sbin/chkconfig --list
Take a look at your network configs and open ports:
Code:
/sbin/iptables -L
/sbin/ifconfig -a
cat /etc/sysconfig/network
cat /etc/sysconfig/network-scripts/ifcfg-*
/sbin/route -n
/bin/netstat -an | /bin/grep tcp | /bin/grep LISTEN
Take a look at users/groups/sudo'ers:
Code:
cat /etc/passwd /etc/group /etc/sudoers
Get some general system info, including storage:
Code:
/bin/uname -a
/bin/df -h
/bin/mount | column -t
cat /etc/hosts
/bin/cat /etc/resolv.conf
/bin/cat /boot/grub/grub.conf
/bin/cat /etc/fstab
Some other things to catalogue would be all running processes and their command line arguements:
All installed packages and doing a file dump to see config files:
Code:
for rpm in $(rpm -qa); do echo -e "\033[1m $rpm \033[0m" >> /tmp/rpmlist.txt && rpm -q -c $rpm >> /tmp/rpmlist.txt; done
#the numbers and jargon after the echo -e makes the text appear bold to highlight the package name in your output file.
You will want to put most of these in a bash script and redirect them to a file as the output will be alot of rubbish that you need to dig through.
Let us know if you have any questions.
