fichier config dhcp FOG

sio2/CYBER/Nagios/nagios4.conf

@@ -0,0 +1,50 @@
+# apache configuration for nagios 4.x
+
+ScriptAlias /cgi-bin/nagios4 /usr/lib/cgi-bin/nagios4
+ScriptAlias /nagios4/cgi-bin /usr/lib/cgi-bin/nagios4
+
+# Where the stylesheets (config files) reside
+Alias /nagios4/stylesheets /etc/nagios4/stylesheets
+
+# Where the HTML pages live
+Alias /nagios4 /usr/share/nagios4/htdocs
+
+<DirectoryMatch (/usr/share/nagios4/htdocs|/usr/lib/cgi-bin/nagios4|/etc/nagios4/stylesheets)>
+    Options FollowSymLinks
+    DirectoryIndex index.php index.html
+    AllowOverride AuthConfig
+    #
+    # The default Debian nagios4 install sets use_authentication=0 in
+    # /etc/nagios4/cgi.cfg, which turns off nagos's internal authentication.
+    # This is insecure.  As a compromise this default apache2 configuration
+    # only allows private IP addresses access.
+    #
+    # The <Files>...</Files> below shows how you can secure the nagios4
+    # web site so anybody can view it, but only authenticated users can issue
+    # commands (such as silence notifications).  To do that replace the
+    # "Require all granted" with "Require valid-user", and use htdigest
+    # program from the apache2-utils package to add users to
+    # /etc/nagios4/htdigest.users.
+    #
+    # A step up is to insist all users validate themselves by moving
+    # the stanza's in the <Files>..<Files> into the <DirectoryMatch>.
+    # Then by setting use_authentication=1 in /etc/nagios4/cgi.cfg you
+    # can configure which people get to see a particular service from
+    # within the nagios configuration.
+    # 
+    Require ip	::1/128 fc00::/7 fe80::/10 10.0.0.0/8 127.0.0.0/8 169.254.0.0/16 172.16.0.0/12 192.168.0.0/16
+    <Files "cmd.cgi">
+	AuthDigestDomain "Nagios4"
+	AuthDigestProvider file
+	AuthUserFile	"/etc/nagios4/htdigest.users"
+	AuthGroupFile	"/etc/group"
+	AuthName	"Nagios4"
+	AuthType	Digest
+	Require all	granted
+	#Require	valid-user
+    </Files>
+</DirectoryMatch>
+
+<Directory /usr/share/nagios4/htdocs>
+    Options	+ExecCGI	
+</Directory>

sio2/CYBER/Nagios/srv.cfg

@@ -0,0 +1,30 @@
+define host {
+    use linux-server            ; Name of host template to use
+    host_name               srv
+    alias                   srv
+    address                 172.20.10.11
+}
+  define service{
+        use                             generic-service
+        host_name                       srv
+        service_description             WWW
+        check_command                   check_http
+}
+  define service{
+        use                             generic-service
+        host_name                       srv
+        service_description            SSH
+        check_command                   check_ssh
+}
+
+
+
+
+
+
+
+
+
+
+
+

sio2/SISR/FOG/dhcpd.conf

@@ -0,0 +1,72 @@
+# DHCP Server Configuration file\n#see /usr/share/doc/dhcp*/dhcpd.conf.sample
+# This file was created by FOG
+#Definition of PXE-specific options
+# Code 1: Multicast IP Address of bootfile
+# Code 2: UDP Port that client should monitor for MTFTP Responses
+# Code 3: UDP Port that MTFTP servers are using to listen for MTFTP requests
+# Code 4: Number of seconds a client must listen for activity before trying
+#         to start a new MTFTP transfer
+# Code 5: Number of seconds a client must listen before trying to restart
+#         a MTFTP transfer
+option space PXE;
+option PXE.mtftp-ip code 1 = ip-address;
+option PXE.mtftp-cport code 2 = unsigned integer 16;
+option PXE.mtftp-sport code 3 = unsigned integer 16;
+option PXE.mtftp-tmout code 4 = unsigned integer 8;
+option PXE.mtftp-delay code 5 = unsigned integer 8;
+option arch code 93 = unsigned integer 16;
+use-host-decl-names on;
+ddns-update-style interim;
+ignore client-updates;
+# Specify subnet of ether device you do NOT want service.
+# For systems with two or more ethernet devices.
+# subnet 136.165.0.0 netmask 255.255.0.0 {}
+subnet 192.168.1.0 netmask 255.255.255.0{
+    option subnet-mask 255.255.255.0;
+    range dynamic-bootp 192.168.1.10 192.168.1.254;
+    default-lease-time 21600;
+    max-lease-time 43200;
+    option routers 192.168.1.1;
+    option domain-name-servers 10.121.38.7;
+    next-server 192.168.1.10;
+}
+class "Legacy" {
+    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00000";
+    filename "undionly.kkpxe";
+}
+class "UEFI-32-2" {
+    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00002";
+    filename "i386-efi/snponly.efi";
+}
+class "UEFI-32-1" {
+    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00006";
+    filename "i386-efi/snponly.efi";
+}
+class "UEFI-64-1" {
+    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00007";
+    filename "snponly.efi";
+}
+class "UEFI-64-2" {
+    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00008";
+    filename "snponly.efi";
+}
+class "UEFI-64-3" {
+    match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00009";
+    filename "snponly.efi";
+}
+class "SURFACE-PRO-4" {
+    match if substring(option vendor-class-identifier, 0, 32) = "PXEClient:Arch:00007:UNDI:003016";
+    filename "snponly.efi";
+}
+class "Apple-Intel-Netboot" {
+    match if substring(option vendor-class-identifier, 0, 14) = "AAPLBSDPC/i386";
+    option dhcp-parameter-request-list 1,3,17,43,60;
+    if (option dhcp-message-type = 8) {
+        option vendor-class-identifier "AAPLBSDPC";
+        if (substring(option vendor-encapsulated-options, 0, 3) = 01:01:01) {
+            # BSDP List
+            option vendor-encapsulated-options 01:01:01:04:02:80:00:07:04:81:00:05:2a:09:0D:81:00:05:2a:08:69:50:58:45:2d:46:4f:47;
+            filename "snponly.efi";
+        }
+    }
+}

sio2/SISR/RSYSLOG/rsyslog.con.emeteur

@@ -0,0 +1,71 @@
+# /etc/rsyslog.conf configuration file for rsyslog
+#
+# For more information install rsyslog-doc and see
+# /usr/share/doc/rsyslog-doc/html/configuration/index.html
+
+
+#################
+#### MODULES ####
+#################
+
+module(load="imuxsock") # provides support for local system logging
+module(load="imklog")   # provides kernel logging support
+#module(load="immark")  # provides --MARK-- message capability
+
+# provides UDP syslog reception
+#module(load="imudp") MACHINE DE RECEPTION
+#input(type="imudp" port="514") MACHINE DE RECEPTION
+
+# provides TCP syslog reception
+#module(load="imtcp")
+#input(type="imtcp" port="514")
+
+
+###########################
+#### GLOBAL DIRECTIVES ####
+###########################
+
+#
+# Set the default permissions for all log files.
+#
+$FileOwner root
+$FileGroup adm
+$FileCreateMode 0640
+$DirCreateMode 0755
+$Umask 0022
+
+#
+# Where to place spool and state files
+#
+$WorkDirectory /var/spool/rsyslog
+
+#
+# Include all config files in /etc/rsyslog.d/
+#
+$IncludeConfig /etc/rsyslog.d/*.conf
+
+
+###############
+#### RULES ####
+###############
+
+#
+# Log anything besides private authentication messages to a single log file
+#
+*.*;auth,authpriv.none		-/var/log/syslog
+
+#
+# Log commonly used facilities to their own log file
+#
+auth,authpriv.*			/var/log/auth.log
+cron.*				-/var/log/cron.log
+kern.*				-/var/log/kern.log
+mail.*				-/var/log/mail.log
+user.*				-/var/log/user.log
+
+#
+# Emergencies are sent to everybody logged in.
+#
+*.emerg				:omusrmsg:*
+*.* @192.168.0.21:514 # exporte tous les logs de toute gravité et de toute origine vers l'adresse 192.168.100 port UDP 514
+*.* @192.168.0.32:514 # exporte tous les logs de toute gravité et de toute origine vers l'adresse 192.168.100 port UDP 514

sio2/VAGRANT/Vagrantfile

@@ -1,14 +1,32 @@
 # -*- mode: ruby -*-
 # vi: set ft=ruby :
+
 Vagrant.configure("2") do |config|
-  config.vm.provision "shell", inline: "apt-get update -y" # execute pour chacune des machines
- 
-  config.vm.define "IDS" do |ids|#VM No'1
-    ids.vm.box = "debian/bookworm64" #Setting machine type
-    ids.vm.hostname = "IDS" #Setting machine type
-    ids.vm.network "public_network"#Set DHCP
-    ids.vm.provision "shell", inline: <<-SHELL
-     apt-get install -y wget curl vim unzip chkrootkit rkhunter fail2ban
+  # The most common configuration options are documented and commented below.
+  # For a complete reference, please see the online documentation at
+  # https://docs.vagrantup.com.
+
+  # Every Vagrant development environment requires a box. You can search for
+  # boxes at https://vagrantcloud.com/search.
+  config.vm.box = "debian/bookworm64"
+  config.vm.hostname = "nagios4"
+
+  # Disable automatic box update checking. If you disable this, then
+  # boxes will only be checked for updates when the user runs
+  # `vagrant box outdated`. This is not recommended.
+  # config.vm.box_check_update = false
+
+  # Create a public network, which generally matched to bridged network.
+  # Bridged networks make the machine appear as another physical device on
+  # your network.
+  config.vm.network "public_network"
+
+   config.vm.provision "shell", inline: <<-SHELL
+      apt-get update
+      apt-get install -y vim curl wget apache2 php nagios4 nagios-plugins-contrib
+      cp /etc/nagios4/apache2.conf /etc/apache2/sites-available/nagios4.conf
+      a2ensite nagios4.conf
+      a2enmod rewrite cgi
+      systemctl reload apache2
    SHELL
-  end
-end
+end

sio2/VAGRANT/Vagrantfile2

@@ -0,0 +1,14 @@
+# -*- mode: ruby -*-
+# vi: set ft=ruby :
+Vagrant.configure("2") do |config|
+  config.vm.provision "shell", inline: "apt-get update -y" # execute pour chacune des machines
+ 
+  config.vm.define "IDS" do |ids|#VM No'1
+    ids.vm.box = "debian/bookworm64" #Setting machine type
+    ids.vm.hostname = "IDS" #Setting machine type
+    ids.vm.network "public_network"#Set DHCP
+    ids.vm.provision "shell", inline: <<-SHELL
+     apt-get install -y wget curl vim unzip chkrootkit rkhunter fail2ban
+   SHELL
+  end
+end