Fix sysmon sourcetype, update ThreatHunting app

Chris Long
2020-08-04 21:58:18 -07:00
parent 3fc3119be2
commit 84c29f6739
31 changed files with 124 additions and 98 deletions


@@ -2,31 +2,29 @@
param ([String] $ip, [String] $dns, [String] $gateway)
if ( (Get-NetAdapter | Select-Object -First 1 | Select-Object -ExpandProperty InterfaceDescription).Contains('Red Hat VirtIO')) {
Write-Host "Setting Network Configuration for LibVirt interface"
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Setting Network Configuration for LibVirt interface"
$subnet = $ip -replace "\.\d+$", ""
$name = (Get-NetIPAddress -AddressFamily IPv4 `
| Where-Object -FilterScript { ($_.IPAddress).StartsWith("$subnet") } `
).InterfaceAlias
if ($name) {
Write-Host "Set IP address to $ip of interface $name"
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Set IP address to $ip of interface $name"
& netsh.exe int ip set address "$name" static $ip 255.255.255.0 "$gateway"
if ($dns) {
Write-Host "Set DNS server address to $dns of interface $name"
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Set DNS server address to $dns of interface $name"
& netsh.exe interface ipv4 add dnsserver "$name" address=$dns index=1
}
} else {
Write-Error "Could not find a interface with subnet $subnet.xx"
}
exit 0
}
if (! (Test-Path 'C:\Program Files\VMware\VMware Tools') ) {
Write-Host "Nothing to do for other providers than VMware."
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Nothing to do for other providers than VMware."
exit 0
}
Write-Host "$('[{0:HH:mm}]' -f (Get-Date))"
Write-Host "Setting IP address and DNS information for the Ethernet1 interface"
Write-Host "If this step times out, it's because vagrant is connecting to the VM on the wrong interface"
@@ -42,12 +40,12 @@ if (!$name) {
).InterfaceAlias
}
if ($name) {
Write-Host "Set IP address to $ip of interface $name"
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Set IP address to $ip of interface $name"
& netsh.exe int ip set address "$name" static $ip 255.255.255.0 "$subnet.1"
if ($dns) {
Write-Host "Set DNS server address to $dns of interface $name"
Write-Host "$('[{0:HH:mm}]' -f (Get-Date)) Set DNS server address to $dns of interface $name"
& netsh.exe interface ipv4 add dnsserver "$name" address=$dns index=1
}
} else {
Write-Error "Could not find a interface with subnet $subnet.xx"
Write-Error "$('[{0:HH:mm}]' -f (Get-Date)) Could not find a interface with subnet $subnet.xx"
}
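Review bot: The LibVirt branch's failure message in the first hunk appears to have been left without the timestamp prefix that every other message gained; it is printed only once on this page, while the same message in the second hunk is shown in both forms. For consistency it should read `Write-Error "$('[{0:HH:mm}]' -f (Get-Date)) Could not find a interface with subnet $subnet.xx"`. That branch then reaches `exit 0`, so a run that never found the interface still reports success to the provisioner; `exit 1` on that path would surface the failure instead of leaving the lab host on an unintended network configuration. The `netsh.exe` calls are likewise logged as done without checking `$LASTEXITCODE`, so the new timestamps can mark a step that did not actually apply. The script continues outside the hunks shown, and the `+`/`-` markers are lost on this page, so which lines are old or new is inferred from the doubled lines.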