@gwsales
gwsales / audit.rules
Created October 6, 2018 01:44 — forked from Neo23x0/audit.rules
Linux Auditd Best Practice Configuration
# IMPORTANT!
# This gist has been transformed into a github repo
# You can find the most recent version there:
# https://github.com/Neo23x0/auditd
#      ___             ___ __      __
#     /   | __  ______/ (_) /_____/ /
#    / /| |/ / / / __  / / __/ __  /
#   / ___ / /_/ / /_/ / / /_/ /_/ /
#  /_/  |_\__,_/\__,_/_/\__/\__,_/
gwsales / SysmonStartup.bat
Created October 25, 2018 19:13 — forked from silentbreaksec/SysmonStartup.bat
Windows batch file to deploy Sysmon using a startup script via GPO
@echo off
:: Author: Ryan Watson
:: Twitter: @gentlemanwatson
:: Version: 1.0
:: Credits: Credit to Syspanda.com and their Sysmon GPO article for the kick off point
:: https://www.syspanda.com/index.php/2017/02/28/deploying-sysmon-through-gpo/
:: ** IMPORTANT **
:: 1) Create a Sysmon folder with the SYSVOL share on your domain controller
:: 2) Download Sysmon from Microsoft and place both sysmon.exe and sysmon64.exe in
gwsales / ansible_local_playbooks.md
Created August 28, 2019 13:57 — forked from alces/ansible_local_playbooks.md
How to run an Ansible playbook locally
  • using Ansible command line:
ansible-playbook --connection=local --inventory 127.0.0.1, playbook.yml
  • using inventory:
127.0.0.1 ansible_connection=local
gwsales / ufw.md
Created October 18, 2019 01:04 — forked from kimus/ufw.md
NAT and FORWARD with Ubuntu’s ufw firewall

UFW

I use Ubuntu’s Uncomplicated Firewall because it is available on Ubuntu and it's very simple.

Install UFW

If ufw is not installed by default, be sure to install it first.

gwsales / fix.sh
Last active June 3, 2020 14:38 — forked from alexalouit/fix.sh
fix Logstash error "logstash load error: ffi/ffi -- java.lang.NullPointerException: null" on Raspbian
#!/bin/bash
# based on https://github.com/mew2057/CAST/blob/6c7f7d514b7af3c512635ec145aa829c535467dc/csm_big_data/config-scripts/logstashFixupScript.sh
# see: https://github.com/elastic/logstash/issues/10755
if [[ $EUID -ne 0 ]]; then
    echo "This script must be run as root"
    exit 1
fi