CSEC_PUBLIC/securityonion
1
0
Fork 0
mirror of https://github.com/Security-Onion-Solutions/securityonion.git synced 2025-12-06 17:22:49 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #74 from TOoSmOotH/master

Browse Source 
1.1.2
This commit is contained in:
Mike Reeves
2019-10-09 14:53:07 -04:00
committed by GitHub
parent 7cceb9ea9e e999a27d3e
commit c6f3a1bdd1
4 changed files with 37 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
README.md
View File

@@ -1,3 +1,9 @@
## Hybrid Hunter Alpha 1.1.2
- Quick firewall fix to address latest docker version.
- Added the option to install playbook from the initial install.
- Fixed an issue with multiple monitor interfaces not working properly.
## Hybrid Hunter Alpha 1.1.1 ## Hybrid Hunter Alpha 1.1.1
### Changes: ### Changes:

4
salt/common/init.sls
View File

@@ -116,13 +116,13 @@ nginxtmp:
# Start the core docker # Start the core docker
so-coreimage: so-coreimage:
cmd.run: cmd.run:
- name: docker pull --disable-content-trust=false soshybridhunter/so-core:HH1.1.1 - name: docker pull --disable-content-trust=false soshybridhunter/so-core:HH1.1.2
so-core: so-core:
docker_container.running: docker_container.running:
- require: - require:
- so-coreimage - so-coreimage
- image: soshybridhunter/so-core:HH1.1.1 - image: soshybridhunter/so-core:HH1.1.2
- hostname: so-core - hostname: so-core
- user: socore - user: socore
- binds: - binds:

17
salt/firewall/init.sls
View File

@@ -6,6 +6,21 @@
{%- elif grains['role'] == 'so-sensor' %} {%- elif grains['role'] == 'so-sensor' %}
{%- set ip = salt['pillar.get']('sensor:mainip', '') %} {%- set ip = salt['pillar.get']('sensor:mainip', '') %}
{%- endif %} {%- endif %}
# Quick Fix for Docker being difficult
iptables_fix_docker:
iptables.chain_present:
- name: DOCKER-USER
- table: filter
# Add the Forward Rule since Docker ripped it out
iptables_fix_fwd:
iptables.insert:
- table: filter
- chain: FORWARD
- jump: ACCEPT
- position: 1
- target: DOCKER-USER
# Keep localhost in the game # Keep localhost in the game
iptables_allow_localhost: iptables_allow_localhost:
iptables.append: iptables.append:
@@ -238,7 +253,7 @@ enable_master_playbook_3200_{{ip}}:
- dport: 3200 - dport: 3200
- position: 1 - position: 1
- save: True - save: True
enable_master_navigator_4200_{{ip}}: enable_master_navigator_4200_{{ip}}:
iptables.insert: iptables.insert:
- table: filter - table: filter

16
so-setup-network.sh
View File

@@ -556,7 +556,7 @@ master_pillar() {
echo " osquery: $OSQUERY" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls echo " osquery: $OSQUERY" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
echo " wazuh: $WAZUH" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls echo " wazuh: $WAZUH" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
echo " thehive: $THEHIVE" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls echo " thehive: $THEHIVE" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
echo " playbook: 0" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls echo " playbook: $PLAYBOOK" >> /opt/so/saltstack/pillar/masters/$HOSTNAME.sls
} }
master_static() { master_static() {
@@ -620,6 +620,7 @@ process_components() {
OSQUERY=0 OSQUERY=0
WAZUH=0 WAZUH=0
THEHIVE=0 THEHIVE=0
PLAYBOOK=0
IFS=$' ' IFS=$' '
for item in $(echo "$CLEAN"); do for item in $(echo "$CLEAN"); do
@@ -1178,7 +1179,8 @@ whiptail_enable_components() {
"GRAFANA" "Enable Grafana for system monitoring" ON \ "GRAFANA" "Enable Grafana for system monitoring" ON \
"OSQUERY" "Enable Fleet with osquery" ON \ "OSQUERY" "Enable Fleet with osquery" ON \
"WAZUH" "Enable Wazuh" ON \ "WAZUH" "Enable Wazuh" ON \
"THEHIVE" "Enable TheHive" ON 3>&1 1>&2 2>&3 ) "THEHIVE" "Enable TheHive" ON \
"PLAYBOOK" "Enable Playbook" ON 3>&1 1>&2 2>&3 )
} }
whiptail_eval_adv() { whiptail_eval_adv() {
@@ -1741,6 +1743,10 @@ if (whiptail_you_sure); then
echo -e "XXX\n87\nInstalling TheHive... \nXXX" echo -e "XXX\n87\nInstalling TheHive... \nXXX"
salt-call state.apply hive >> $SETUPLOG 2>&1 salt-call state.apply hive >> $SETUPLOG 2>&1
fi fi
if [[ $PLAYBOOK == '1' ]]; then
echo -e "XXX\n89\nInstalling Playbook... \nXXX"
salt-call state.apply playbook >> $SETUPLOG 2>&1
fi
echo -e "XXX\n75\nEnabling Checking at Boot... \nXXX" echo -e "XXX\n75\nEnabling Checking at Boot... \nXXX"
checkin_at_boot >> $SETUPLOG 2>&1 checkin_at_boot >> $SETUPLOG 2>&1
echo -e "XXX\n95\nVerifying Install... \nXXX" echo -e "XXX\n95\nVerifying Install... \nXXX"
@@ -1969,9 +1975,13 @@ if (whiptail_you_sure); then
salt-call state.apply schedule >> $SETUPLOG 2>&1 salt-call state.apply schedule >> $SETUPLOG 2>&1
salt-call state.apply soctopus >> $SETUPLOG 2>&1 salt-call state.apply soctopus >> $SETUPLOG 2>&1
if [[ $THEHIVE == '1' ]]; then if [[ $THEHIVE == '1' ]]; then
echo -e "XXX\n97\nInstalling The Hive... \nXXX" echo -e "XXX\n96\nInstalling The Hive... \nXXX"
salt-call state.apply hive >> $SETUPLOG 2>&1 salt-call state.apply hive >> $SETUPLOG 2>&1
fi fi
if [[ $PLAYBOOK == '1' ]]; then
echo -e "XXX\n97\nInstalling Playbook... \nXXX"
salt-call state.apply playbook >> $SETUPLOG 2>&1
fi
echo -e "XXX\n98\nSetting checkin to run on boot... \nXXX" echo -e "XXX\n98\nSetting checkin to run on boot... \nXXX"
checkin_at_boot >> $SETUPLOG 2>&1 checkin_at_boot >> $SETUPLOG 2>&1
echo -e "XXX\n99\nVerifying Setup... \nXXX" echo -e "XXX\n99\nVerifying Setup... \nXXX"