Adding Guacamole for multi-machine management

2019-11-19 21:01:19 -08:00
parent 3db4b4e3c5
commit 905eaca9fa
5 changed files with 134 additions and 0 deletions
--- a/Terraform/main.tf
+++ b/Terraform/main.tf
@@ -72,6 +72,20 @@ resource "aws_security_group" "logger" {
    cidr_blocks = var.ip_whitelist
  }
  # Guacamole access
  ingress {
    from_port   = 8080
    to_port     = 8080
    protocol    = "tcp"
    cidr_blocks = var.ip_whitelist
  }
  ingress {
    from_port   = 8443
    to_port     = 8443
    protocol    = "tcp"
    cidr_blocks = var.ip_whitelist
  }
  # Allow all traffic from the private subnet
  ingress {
    from_port   = 0
@@ -167,6 +181,8 @@ resource "aws_instance" "logger" {
      "sudo sed -i 's/ETH1/ETH0/g' /opt/DetectionLab/Vagrant/bootstrap.sh",
      "sudo sed -i 's#/usr/local/go/bin/go get -u#GOPATH=/root/go /usr/local/go/bin/go get -u#g' /opt/DetectionLab/Vagrant/bootstrap.sh",
      "sudo sed -i 's#/vagrant/resources#/opt/DetectionLab/Vagrant/resources#g' /opt/DetectionLab/Vagrant/bootstrap.sh",
      "sudo sed -i 's/PasswordAuthentication no/PasswordAuthentication yes/g' /etc/ssh/sshd_config",
      "sudo service ssh restart",
      "sudo chmod +x /opt/DetectionLab/Vagrant/bootstrap.sh",
      "sudo apt-get -qq update",
      "sudo /opt/DetectionLab/Vagrant/bootstrap.sh",
--- a/Vagrant/bootstrap.sh
+++ b/Vagrant/bootstrap.sh
@@ -423,6 +423,29 @@ test_suricata_prerequisites() {
  done
 }
 install_guacamole() {
  echo "[$(date +%H:%M:%S)]: Installing Guacamole..."
  cd /home/vagrant
  apt-get -qq install -y libcairo2-dev libjpeg62-dev libpng12-dev libossp-uuid-dev libfreerdp-dev libpango1.0-dev libssh2-1-dev libssh-dev tomcat8 tomcat8-admin tomcat8-user
  wget --progress=bar:force "http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/1.0.0/source/guacamole-server-1.0.0.tar.gz" -O guacamole-server-1.0.0.tar.gz
  tar -xvf guacamole-server-1.0.0.tar.gz && cd guacamole-server-1.0.0
  ./configure &> /dev/null && make --quiet &> /dev/null && make --quiet install &> /dev/null || echo "[-] An error occurred while installing Guacamole."
  ldconfig
  cd /var/lib/tomcat8/webapps
  wget --progress=bar:force "http://apache.org/dyn/closer.cgi?action=download&filename=guacamole/1.0.0/binary/guacamole-1.0.0.war" -O guacamole.war
  mkdir /etc/guacamole
  mkdir /usr/share/tomcat8/.guacamole
  cp /vagrant/resources/guacamole/user-mapping.xml /etc/guacamole/
  cp /vagrant/resources/guacamole/guacamole.properties /etc/guacamole/
  cp /vagrant/resources/guacamole/guacd.service /lib/systemd/system
  sudo ln -s /etc/guacamole/guacamole.properties /usr/share/tomcat8/.guacamole/
  sudo ln -s /etc/guacamole/user-mapping.xml /usr/share/tomcat8/.guacamole/
  systemctl enable guacd
  systemctl enable tomcat8
  systemctl start guacd
  systemctl start tomcat8
 }
 postinstall_tasks() {
  # Include Splunk and Bro in the PATH
  echo export PATH="$PATH:/opt/splunk/bin:/opt/bro/bin" >> ~/.bashrc
@@ -438,6 +461,7 @@ main() {
  import_osquery_config_into_fleet
  install_suricata
  install_bro
  install_guacamole
  postinstall_tasks
 }
--- a/Vagrant/resources/guacamole/guacamole.properties
+++ b/Vagrant/resources/guacamole/guacamole.properties
@@ -0,0 +1,24 @@
 #    Guacamole - Clientless Remote Desktop
 #    Copyright (C) 2010  Michael Jumper
 #
 #    This program is free software: you can redistribute it and/or modify
 #    it under the terms of the GNU Affero General Public License as published by
 #    the Free Software Foundation, either version 3 of the License, or
 #    (at your option) any later version.
 #
 #    This program is distributed in the hope that it will be useful,
 #    but WITHOUT ANY WARRANTY; without even the implied warranty of
 #    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 #    GNU Affero General Public License for more details.
 #
 #    You should have received a copy of the GNU Affero General Public License
 #    along with this program.  If not, see <http://www.gnu.org/licenses/>.
 # Hostname and port of guacamole proxy
 guacd-hostname: localhost
 guacd-port:     4822
 # Auth provider class (authenticates user/pass combination, needed if using the provided login screen)
 auth-provider: net.sourceforge.guacamole.net.basic.BasicFileAuthenticationProvider
 basic-user-mapping: /etc/guacamole/user-mapping.xml
--- a/Vagrant/resources/guacamole/guacd.service
+++ b/Vagrant/resources/guacamole/guacd.service
@@ -0,0 +1,29 @@
 # Licensed to the Apache Software Foundation (ASF) under one
 # or more contributor license agreements.  See the NOTICE file
 # distributed with this work for additional information
 # regarding copyright ownership.  The ASF licenses this file
 # to you under the Apache License, Version 2.0 (the
 # "License"); you may not use this file except in compliance
 # with the License.  You may obtain a copy of the License at
 #
 #   http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing,
 # software distributed under the License is distributed on an
 # "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 # KIND, either express or implied.  See the License for the
 # specific language governing permissions and limitations
 # under the License.
 [Unit]
 Description=Guacamole Server
 Documentation=man:guacd(8)
 After=network.target
 [Service]
 User=daemon
 ExecStart=/usr/local/sbin/guacd -f
 Restart=on-abnormal
 [Install]
 WantedBy=multi-user.target
--- a/Vagrant/resources/guacamole/user-mapping.xml
+++ b/Vagrant/resources/guacamole/user-mapping.xml
@@ -0,0 +1,41 @@
 <user-mapping>
    <authorize username="vagrant" password="vagrant">
        <connection name="logger">
            <protocol>ssh</protocol>
            <param name="hostname">192.168.38.105</param>
            <param name="port">22</param>
            <param name="username">vagrant</param>
            <param name="password">vagrant</param>
        </connection>
        <connection name="wef">
            <protocol>rdp</protocol>
            <param name="hostname">192.168.38.103</param>
            <param name="port">3389</param>
            <param name="username">vagrant</param>
            <param name="password">vagrant</param>
            <param name="security">nla</param>
            <param name="ignore-cert">true</param>
        </connection>
        <connection name="win10">
            <protocol>rdp</protocol>
            <param name="hostname">192.168.38.104</param>
            <param name="port">3389</param>
            <param name="username">vagrant</param>
            <param name="password">vagrant</param>
            <param name="security">nla</param>
            <param name="ignore-cert">true</param>
        </connection>
        <connection name="dc">
            <protocol>rdp</protocol>
            <param name="hostname">192.168.38.102</param>
            <param name="port">3389</param>
            <param name="username">vagrant</param>
            <param name="password">vagrant</param>
            <param name="security">nla</param>
            <param name="ignore-cert">true</param>
        </connection>
    </authorize>
 </user-mapping>