trinitor/DetectionLab
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Multiple fixes, additions

Browse Source
This commit is contained in:
Chris Long
2018-09-06 22:58:36 -07:00
parent ef84579aa7
commit ba7784e0e8
10 changed files with 138 additions and 114 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
README.md
View File

@@ -85,9 +85,9 @@ $ packer build --only=[vmware|virtualbox]-iso windows_2016.json
* Provision the WEF host and configure it as a Windows Event Collector in the Servers OU
* Provision the Win10 host and configure it as a computer in the Workstations OU
7. Navigate to https://192.168.38.5:8000 in a browser to access the Splunk instance on logger. Default credentials are admin:changeme (you will have the option to change them on the next screen)
8. Navigate to https://192.168.38.5:8412 in a browser to access the Fleet server on logger. Default credentials are admin:admin123#. Query packs are pre-configured with queries from [palantir/osquery-configuration](https://github.com/palantir/osquery-configuration).
9. Navigate to https://192.168.38.5:8888 in a browser to access the Caldera server on logger. Default credentials are admin:caldera.
7. Navigate to https://192.168.38.105:8000 in a browser to access the Splunk instance on logger. Default credentials are admin:changeme (you will have the option to change them on the next screen)
8. Navigate to https://192.168.38.105:8412 in a browser to access the Fleet server on logger. Default credentials are admin:admin123#. Query packs are pre-configured with queries from [palantir/osquery-configuration](https://github.com/palantir/osquery-configuration).
9. Navigate to https://192.168.38.105:8888 in a browser to access the Caldera server on logger. Default credentials are admin:caldera.
## Basic Vagrant Usage
Vagrant commands must be run from the "Vagrant" folder.
@@ -108,10 +108,10 @@ Vagrant commands must be run from the "Vagrant" folder.
## Lab Information
* Domain Name: windomain.local
* Admininstrator login: vagrant:vagrant
* Fleet login: https://192.168.38.5:8412 - admin:admin123#
* Splunk login: https://192.168.38.5:8000 - admin:changeme
* Caldera login: https://192.168.38.5:8888 - admin:caldera
* MS ATA login: https://192.168.38.3 - wef\vagrant:vagrant
* Fleet login: https://192.168.38.105:8412 - admin:admin123#
* Splunk login: https://192.168.38.105:8000 - admin:changeme
* Caldera login: https://192.168.38.105:8888 - admin:caldera
* MS ATA login: https://192.168.38.103 - wef\vagrant:vagrant
## Lab Hosts
* DC - Windows 2016 Domain Controller