From 6c124733b580cbab4a78e13246dd4b74bffcc89b Mon Sep 17 00:00:00 2001
From: Josh Brower
Date: Thu, 17 Feb 2022 10:50:26 -0500
Subject: [PATCH] IDH - Enable default states
---
 salt/idh/defaults.yml | 57 +----------------------
 salt/idh/defaults/ftp.defaults.yaml | 6 +++
 salt/idh/defaults/git.defaults.yaml | 5 ++
 salt/idh/defaults/http.defaults.yaml | 12 +++++
 salt/idh/defaults/httpproxy.defaults.yaml | 11 +++++
 salt/idh/defaults/mssql.defaults.yaml | 6 +++
 salt/idh/defaults/mysql.defaults.yaml | 6 +++
 salt/idh/defaults/ntp.defaults.yaml | 5 ++
 salt/idh/defaults/rdp.defaults.yaml | 5 ++
 salt/idh/defaults/redis.defaults.yaml | 5 ++
 salt/idh/defaults/sip.defaults.yaml | 5 ++
 salt/idh/defaults/smb.defaults.yaml | 5 ++
 salt/idh/defaults/snmp.defaults.yaml | 5 ++
 salt/idh/defaults/ssh.defaults.yaml | 6 +++
 salt/idh/defaults/telnet.defaults.yaml | 11 +++++
 salt/idh/defaults/tftp.defaults.yaml | 5 ++
 salt/idh/defaults/vnc.defaults.yaml | 5 ++
 17 files changed, 104 insertions(+), 56 deletions(-)
 create mode 100644 salt/idh/defaults/ftp.defaults.yaml
 create mode 100644 salt/idh/defaults/git.defaults.yaml
 create mode 100644 salt/idh/defaults/http.defaults.yaml
 create mode 100644 salt/idh/defaults/httpproxy.defaults.yaml
 create mode 100644 salt/idh/defaults/mssql.defaults.yaml
 create mode 100644 salt/idh/defaults/mysql.defaults.yaml
 create mode 100644 salt/idh/defaults/ntp.defaults.yaml
 create mode 100644 salt/idh/defaults/rdp.defaults.yaml
 create mode 100644 salt/idh/defaults/redis.defaults.yaml
 create mode 100644 salt/idh/defaults/sip.defaults.yaml
 create mode 100644 salt/idh/defaults/smb.defaults.yaml
 create mode 100644 salt/idh/defaults/snmp.defaults.yaml
 create mode 100644 salt/idh/defaults/ssh.defaults.yaml
 create mode 100644 salt/idh/defaults/telnet.defaults.yaml
 create mode 100644 salt/idh/defaults/tftp.defaults.yaml
 create mode 100644 salt/idh/defaults/vnc.defaults.yaml
diff --git a/salt/idh/defaults.yml b/salt/idh/defaults.yml
index 708be4d4f..5f3cc826c 100644
--- a/salt/idh/defaults.yml
+++ b/salt/idh/defaults.yml
@@ -2,28 +2,6 @@ idh:
 opencanary:
 config:
 device.node_id: {{ grains.host }}
- git.enabled: true
- git.port: 9418
- ftp.enabled: true
- ftp.port: 21
- ftp.banner: FTP server ready
- http.banner: Apache/2.2.22 (Ubuntu)
- http.enabled: true
- http.port: 80
- http.skin: nasLogin
- http.skin.list:
- - desc: Plain HTML Login
- name: basicLogin
- - desc: Synology NAS Login
- name: nasLogin
- httpproxy.enabled: false
- httpproxy.port: 8080
- httpproxy.skin: squid
- httproxy.skin.list:
- - desc: Squid
- name: squid
- - desc: Microsoft ISA Server Web Proxy
- name: ms-isa
 logger:
 class: PyLogger
 kwargs:
@@ -42,26 +20,6 @@ idh:
 portscan.synrate: 5
 portscan.nmaposrate: 5
 portscan.lorate: 3
- smb.auditfile: /var/log/samba-audit.log
- smb.enabled: false
- mysql.enabled: false
- mysql.port: 3306
- mysql.banner: 5.5.43-0ubuntu0.14.04.1
- ssh.enabled: false
- ssh.port: 22
- ssh.version: SSH-2.0-OpenSSH_5.1p1 Debian-4
- redis.enabled: false
- redis.port: 6379
- rdp.enabled: false
- rdp.port: 3389
- sip.enabled: false
- sip.port: 5060
- snmp.enabled: false
- snmp.port: 161
- ntp.enabled: false
- ntp.port: '123'
- tftp.enabled: false
- tftp.port: 69
 tcpbanner.maxnum: 10
 tcpbanner.enabled: false
 tcpbanner_1.enabled: false
@@ -74,17 +32,4 @@ idh:
 tcpbanner_1.keep_alive_secret: ''
 tcpbanner_1.keep_alive_probes: 11
 tcpbanner_1.keep_alive_interval: 300
- tcpbanner_1.keep_alive_idle: 300
- telnet.enabled: false
- telnet.port: '23'
- telnet.banner: ''
- telnet.honeycreds:
- - username: admin
- password: $pbkdf2-sha512$19000$bG1NaY3xvjdGyBlj7N37Xw$dGrmBqqWa1okTCpN3QEmeo9j5DuV2u1EuVFD8Di0GxNiM64To5O/Y66f7UASvnQr8.LCzqTm6awC8Kj/aGKvwA
- - username: admin
- password: admin1
- mssql.enabled: false
- mssql.version: '2012'
- mssql.port: 1433
- vnc.enabled: false
- vnc.port: 5000
\ No newline at end of file
+ tcpbanner_1.keep_alive_idle: 300
\ No newline at end of file
diff --git a/salt/idh/defaults/ftp.defaults.yaml b/salt/idh/defaults/ftp.defaults.yaml
new file mode 100644
index 000000000..bed8f90dc
--- /dev/null
+++ b/salt/idh/defaults/ftp.defaults.yaml
@@ -0,0 +1,6 @@
+idh:
+ opencanary:
+ config:
+ ftp.enabled: true
+ ftp.port: 21
+ ftp.banner: FTP server ready
\ No newline at end of file
diff --git a/salt/idh/defaults/git.defaults.yaml b/salt/idh/defaults/git.defaults.yaml
new file mode 100644
index 000000000..e6946465a
--- /dev/null
+++ b/salt/idh/defaults/git.defaults.yaml
@@ -0,0 +1,5 @@
+idh:
+ opencanary:
+ config:
+ git.enabled: true
+ git.port: 9418
\ No newline at end of file
diff --git a/salt/idh/defaults/http.defaults.yaml b/salt/idh/defaults/http.defaults.yaml
new file mode 100644
index 000000000..31680d5d0
--- /dev/null
+++ b/salt/idh/defaults/http.defaults.yaml
@@ -0,0 +1,12 @@
+idh:
+ opencanary:
+ config:
+ http.banner: Apache/2.2.22 (Ubuntu)
+ http.enabled: false
+ http.port: 80
+ http.skin: nasLogin
+ http.skin.list:
+ - desc: Plain HTML Login
+ name: basicLogin
+ - desc: Synology NAS Login
+ name: nasLogin
\ No newline at end of file
diff --git a/salt/idh/defaults/httpproxy.defaults.yaml b/salt/idh/defaults/httpproxy.defaults.yaml
new file mode 100644
index 000000000..6b9b97558
--- /dev/null
+++ b/salt/idh/defaults/httpproxy.defaults.yaml
@@ -0,0 +1,11 @@
+idh:
+ opencanary:
+ config:
+ httpproxy.enabled: false
+ httpproxy.port: 8080
+ httpproxy.skin: squid
+ httproxy.skin.list:
+ - desc: Squid
+ name: squid
+ - desc: Microsoft ISA Server Web Proxy
+ name: ms-isa
\ No newline at end of file
diff --git a/salt/idh/defaults/mssql.defaults.yaml b/salt/idh/defaults/mssql.defaults.yaml
new file mode 100644
index 000000000..199640992
--- /dev/null
+++ b/salt/idh/defaults/mssql.defaults.yaml
@@ -0,0 +1,6 @@
+idh:
+ opencanary:
+ config:
+ mssql.enabled: true
+ mssql.version: '2012'
+ mssql.port: 1433
\ No newline at end of file
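Review bot: `salt/idh/defaults/ftp.defaults.yaml` ends without a final newline (`\ No newline at end of file`), and the same marker appears on the other fifteen new `*.defaults.yaml` files and on the trimmed `defaults.yml`. Ending each file with a single newline keeps a later append from showing up as a two-line change and satisfies yamllint's `new-line-at-end-of-file` rule. Nothing else needs to change; the newline goes after the last key, here after `ftp.banner: FTP server ready`.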
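Review bot: `http.enabled` goes from `true` to `false` in `http.defaults.yaml`, and `mssql.enabled`, `telnet.enabled` and `vnc.enabled` go from `false` to `true` in their new files, yet neither the files nor the commit subject record that these are behaviour changes on top of the move. On a node that already runs with the old defaults this presumably drops the port-80 decoy and starts decoy listeners on 1433, 23 and 5000, which matters for host firewall rules and for what alerts analysts should expect after an upgrade. I would add a one-line comment above each flipped key, for example `# default changed with the per-service split: HTTP decoy is off unless enabled per node`, and list the new default set in the commit description.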
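Review bot: The key `httproxy.skin.list` in `httpproxy.defaults.yaml` is missing a `p`; its three sibling keys are spelled `httpproxy.*`, and the misspelling is carried over unchanged from the block removed from `defaults.yml`. Any consumer that looks up `httpproxy.skin.list` will not find this entry, so the skin choices are likely never read. Rename it to `httpproxy.skin.list:` and check first whether any template or UI code has come to depend on the misspelled name.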
diff --git a/salt/idh/defaults/mysql.defaults.yaml b/salt/idh/defaults/mysql.defaults.yaml
new file mode 100644
index 000000000..4cff7c628
--- /dev/null
+++ b/salt/idh/defaults/mysql.defaults.yaml
@@ -0,0 +1,6 @@
+idh:
+ opencanary:
+ config:
+ mysql.enabled: false
+ mysql.port: 3306
+ mysql.banner: 5.5.43-0ubuntu0.14.04.1
\ No newline at end of file
diff --git a/salt/idh/defaults/ntp.defaults.yaml b/salt/idh/defaults/ntp.defaults.yaml
new file mode 100644
index 000000000..e3968068e
--- /dev/null
+++ b/salt/idh/defaults/ntp.defaults.yaml
@@ -0,0 +1,5 @@
+idh:
+ opencanary:
+ config:
+ ntp.enabled: false
+ ntp.port: '123'
\ No newline at end of file
diff --git a/salt/idh/defaults/rdp.defaults.yaml b/salt/idh/defaults/rdp.defaults.yaml
new file mode 100644
index 000000000..fb406e123
--- /dev/null
+++ b/salt/idh/defaults/rdp.defaults.yaml
@@ -0,0 +1,5 @@
+idh:
+ opencanary:
+ config:
+ rdp.enabled: false
+ rdp.port: 3389
\ No newline at end of file
diff --git a/salt/idh/defaults/redis.defaults.yaml b/salt/idh/defaults/redis.defaults.yaml
new file mode 100644
index 000000000..6c594f736
--- /dev/null
+++ b/salt/idh/defaults/redis.defaults.yaml
@@ -0,0 +1,5 @@
+idh:
+ opencanary:
+ config:
+ redis.enabled: false
+ redis.port: 6379
\ No newline at end of file
diff --git a/salt/idh/defaults/sip.defaults.yaml b/salt/idh/defaults/sip.defaults.yaml
new file mode 100644
index 000000000..1981c178d
--- /dev/null
+++ b/salt/idh/defaults/sip.defaults.yaml
@@ -0,0 +1,5 @@
+idh:
+ opencanary:
+ config:
+ sip.enabled: false
+ sip.port: 5060
\ No newline at end of file
diff --git a/salt/idh/defaults/smb.defaults.yaml b/salt/idh/defaults/smb.defaults.yaml
new file mode 100644
index 000000000..fbf8c12b6
--- /dev/null
+++ b/salt/idh/defaults/smb.defaults.yaml
@@ -0,0 +1,5 @@
+idh:
+ opencanary:
+ config:
+ smb.auditfile: /var/log/samba-audit.log
+ smb.enabled: false
\ No newline at end of file
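Review bot: `ntp.port: '123'` in `ntp.defaults.yaml` is a quoted string, while the ports in the neighbouring files (`mysql.port: 3306`, `rdp.port: 3389`, `redis.port: 6379`, `sip.port: 5060`) are integers; `telnet.port: '23'` in `telnet.defaults.yaml` has the same mismatch. Both values were copied as-is from `defaults.yml`, so this is not new, but the per-service split is a good moment to settle on one type. Unless the consumer needs a string here, write `ntp.port: 123` and `telnet.port: 23` so that any schema check or port comparison treats every service the same way.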
diff --git a/salt/idh/defaults/snmp.defaults.yaml b/salt/idh/defaults/snmp.defaults.yaml
new file mode 100644
index 000000000..981dceaeb
--- /dev/null
+++ b/salt/idh/defaults/snmp.defaults.yaml
@@ -0,0 +1,5 @@
+idh:
+ opencanary:
+ config:
+ snmp.enabled: false
+ snmp.port: 161
\ No newline at end of file
diff --git a/salt/idh/defaults/ssh.defaults.yaml b/salt/idh/defaults/ssh.defaults.yaml
new file mode 100644
index 000000000..aed7de490
--- /dev/null
+++ b/salt/idh/defaults/ssh.defaults.yaml
@@ -0,0 +1,6 @@
+idh:
+ opencanary:
+ config:
+ ssh.enabled: false
+ ssh.port: 22
+ ssh.version: SSH-2.0-OpenSSH_5.1p1 Debian-4
\ No newline at end of file
diff --git a/salt/idh/defaults/telnet.defaults.yaml b/salt/idh/defaults/telnet.defaults.yaml
new file mode 100644
index 000000000..34f1d3190
--- /dev/null
+++ b/salt/idh/defaults/telnet.defaults.yaml
@@ -0,0 +1,11 @@
+idh:
+ opencanary:
+ config:
+ telnet.enabled: true
+ telnet.port: '23'
+ telnet.banner: ''
+ telnet.honeycreds:
+ - username: admin
+ password: $pbkdf2-sha512$19000$bG1NaY3xvjdGyBlj7N37Xw$dGrmBqqWa1okTCpN3QEmeo9j5DuV2u1EuVFD8Di0GxNiM64To5O/Y66f7UASvnQr8.LCzqTm6awC8Kj/aGKvwA
+ - username: admin
+ password: admin1
\ No newline at end of file
diff --git a/salt/idh/defaults/tftp.defaults.yaml b/salt/idh/defaults/tftp.defaults.yaml
new file mode 100644
index 000000000..01996ed3b
--- /dev/null
+++ b/salt/idh/defaults/tftp.defaults.yaml
@@ -0,0 +1,5 @@
+idh:
+ opencanary:
+ config:
+ tftp.enabled: false
+ tftp.port: 69
\ No newline at end of file
diff --git a/salt/idh/defaults/vnc.defaults.yaml b/salt/idh/defaults/vnc.defaults.yaml
new file mode 100644
index 000000000..55d4abddc
--- /dev/null
+++ b/salt/idh/defaults/vnc.defaults.yaml
@@ -0,0 +1,5 @@
+idh:
+ opencanary:
+ config:
+ vnc.enabled: true
+ vnc.port: 5000
\ No newline at end of file
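Review bot: `telnet.defaults.yaml` now turns the telnet decoy on by default while keeping the `telnet.honeycreds` entries exactly as they are published in the repository, so every deployment that stays on the defaults presents the same two `admin` entries and the same PBKDF2 hash. Identical, publicly known decoy credentials make the sensor easier to recognise and probably weaken a match on them as a detection signal, and the file does not say they are placeholders. A comment such as `# decoy credentials only; override per deployment with site-specific values` above `telnet.honeycreds:` would cover that. Single-quoting the hash value would also keep tooling from retyping or reformatting it.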