Fix threathunting and DNS issues
This commit is contained in:
Chris Long
@@ -36,8 +36,8 @@ resource "aws_subnet" "default" {
|
||||
# Adjust VPC DNS settings to not conflict with lab
|
||||
resource "aws_vpc_dhcp_options" "default" {
|
||||
domain_name = "windomain.local"
|
||||
domain_name_servers = concat([aws_instance.dc.private_ip], var.external_dns_servers)
|
||||
netbios_name_servers = [aws_instance.dc.private_ip]
|
||||
domain_name_servers = concat(["192.168.38.102"], var.external_dns_servers)
|
||||
netbios_name_servers = ["192.168.38.102"]
|
||||
tags = var.custom-tags
|
||||
}
|
||||
|
||||
@@ -159,7 +159,6 @@ resource "aws_security_group" "windows" {
|
||||
from_port = 0
|
||||
to_port = 0
|
||||
protocol = "-1"
|
||||
protocol = "-1"
|
||||
cidr_blocks = ["0.0.0.0/0"]
|
||||
}
|
||||
}
|
||||
@@ -211,6 +210,10 @@ resource "aws_instance" "logger" {
|
||||
|
||||
resource "aws_instance" "dc" {
|
||||
instance_type = "t3.medium"
|
||||
depends_on = [
|
||||
aws_vpc_dhcp_options.default,
|
||||
aws_vpc_dhcp_options_association.default
|
||||
]
|
||||
|
||||
provisioner "file" {
|
||||
source = "scripts/bootstrap.ps1"
|
||||
@@ -253,6 +256,10 @@ resource "aws_instance" "dc" {
|
||||
|
||||
resource "aws_instance" "wef" {
|
||||
instance_type = "t3.medium"
|
||||
depends_on = [
|
||||
aws_vpc_dhcp_options.default,
|
||||
aws_vpc_dhcp_options_association.default
|
||||
]
|
||||
|
||||
provisioner "file" {
|
||||
source = "scripts/bootstrap.ps1"
|
||||
@@ -295,6 +302,10 @@ resource "aws_instance" "wef" {
|
||||
|
||||
resource "aws_instance" "win10" {
|
||||
instance_type = "t2.large"
|
||||
depends_on = [
|
||||
aws_vpc_dhcp_options.default,
|
||||
aws_vpc_dhcp_options_association.default
|
||||
]
|
||||
|
||||
provisioner "file" {
|
||||
source = "scripts/bootstrap.ps1"
|
||||
|
||||
@@ -1,8 +1,5 @@
|
||||
# Purpose: Prepare the AWS AMIs for use
|
||||
|
||||
# Install npcap so Wireshark recognizes the AWS network adapters
|
||||
Start-Job -ScriptBlock { choco install -y --force npcap --version 0.86 }
|
||||
|
||||
# Hardcode IP addresses in the HOSTS file
|
||||
If ($env:COMPUTERNAME -eq "DC") {
|
||||
Add-Content 'c:\\windows\\system32\\drivers\\etc\\hosts' ' 192.168.38.103 wef.windomain.local'
|
||||
@@ -16,10 +13,13 @@ Else {
|
||||
# Keep renewing the IP address until the domain controller is set as a DNS server
|
||||
while (!(Get-DNSClientServerAddress | Where-Object { $_.ServerAddresses -eq "192.168.38.102" })) {
|
||||
write-host "Waiting to receive the correct DNS settings from DHCP...";
|
||||
start-sleep 1;
|
||||
start-sleep 5;
|
||||
ipconfig /renew
|
||||
}
|
||||
|
||||
# Install npcap so Wireshark recognizes the AWS network adapters
|
||||
Start-Job -ScriptBlock { choco install -y --force npcap --version 0.86 }
|
||||
|
||||
# Check if gpupdate works
|
||||
if ($env:COMPUTERNAME -ne "DC") {
|
||||
Write-Host "Attempting a Group Policy Update..."
|
||||
|
||||
Reference in New Issue
Block a user