Update how_to_creating_and_making_an_AMI_public.mkd

2019-09-26 04:52:08 +08:00 · 2019-09-26 04:52:08 +08:00 · 09871b9a98
parent 16e1eeb5bf
commit 09871b9a98
2 changed files with 43 additions and 10 deletions
--- a/bin/hardening/8.4.1_install_aide.sh
+++ b/bin/hardening/8.4.1_install_aide.sh
@ -40,7 +40,7 @@ apply () {
 			mv /var/lib/aide/aide.db.new.gz /var/lib/aide/aide.db.gz 
 		else
        	apt_install $PACKAGE
-	    	aideinit
+	    	aideinit -y -f
        	info "${PACKAGE} is now installed but not fully functionnal, please see readme to go further"
 		fi
    fi
--- a/docs/complianced_image/AMI/how_to_creating_and_making_an_AMI_public.mkd
+++ b/docs/complianced_image/AMI/how_to_creating_and_making_an_AMI_public.mkd
@ -24,7 +24,8 @@ The creation process is as follows:
 ### Pre-Install 
 ```
-$ sudo apt update && sudo apt install -y bc net-tools vim unzip
+$ sudo apt update 
 $ sudo apt install -y bc net-tools  bc net-tools pciutils network-manager vim unzip
 ```
 ### Get harbian-audit project 
@ -45,30 +46,56 @@ admin@ip:/opt/harbian-audit-master# passwd admin
 ```
 #### Audit && Apply: 
 ##### First audit && apply:
 ```
 admin@ip:/opt/harbian-audit-master$ sudo cp debian/default /etc/default/cis-hardening
 admin@ip:/opt/harbian-audit-master$ sudo sed -i "s#CIS_ROOT_DIR=.*#CIS_ROOT_DIR='$(pwd)'#" /etc/default/cis-hardening 
 admin@ip:/opt/harbian-audit-master$ sudo ./bin/hardening.sh --init
 admin@ip:/opt/harbian-audit-master$ sudo ./bin/hardening.sh --audit-all 
 admin@ip:/opt/harbian-audit-master$ sudo ./bin/hardening.sh --set-hardening-level 5 
 admin@ip:/opt/harbian-audit-master$ sudo sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.1.32_freeze_auditd_conf.cfg 
 admin@ip:/opt/harbian-audit-master$ sudo sed -i 's/^status=.*/status=disabled/' etc/conf.d/7.4.4_hosts_deny.cfg 
 admin@ip:/opt/harbian-audit-master$ sudo sed -i 's/^status=.*/status=disabled/' etc/conf.d/10.1.6_remove_nopasswd_sudoers.cfg
 admin@ip:/opt/harbian-audit-master$ sudo sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.4.1_install_aide.cfg 
 admin@ip:/opt/harbian-audit-master$ sudo sed -i 's/^status=.*/status=disabled/' etc/conf.d/8.4.2_aide_cron.cfg 
 admin@ip:/opt/harbian-audit-master$ sudo sed -i 's/^status=.*/status=disabled/' etc/conf.d/10.1.1_set_password_exp_days.cfg
 admin@ip:/opt/harbian-audit-master$ sudo ./bin/hardening.sh --apply 
 admin@ip:/opt/harbian-audit-master$ sudo sed -i "/^root/a\admin    ALL=(ALL:ALL) ALL" /etc/sudoers 
 admin@ip:/opt/harbian-audit-master$ sudo reboot 
 ```
-After reboot: 
+##### Second audit && apply(After reboot)  
-
+Configuring  the firewall:
 ```
 admin@ip:/opt/harbian-audit-master$ INTERFACENAME="eth0"
 admin@ip:/opt/harbian-audit-master$ sudo bash /opt/harbian-audit-master/docs/configurations/etc.iptables.rules.v4.sh $INTERFACENAME 
 admin@ip:/opt/harbian-audit-master$ sudo bash /opt/harbian-audit-master/docs/configurations/etc.iptables.rules.v6.sh $INTERFACENAME 
 admin@ip:/opt/harbian-audit-master$ sudo -s 
 admin@ip:/opt/harbian-audit-master# iptables-save > /etc/iptables/rules.v4 
 admin@ip:/opt/harbian-audit-master# ip6tables-save > /etc/iptables/rules.v6
 admin@ip:/opt/harbian-audit-master# exit
 ```
-Related how to use harbian-audit to adit and apply, please reference: 
+Apply need to apply twice items and that items of must apply after first apply:
-[https://github.com/hardenedlinux/harbian-audit/blob/master/README.md](https://github.com/hardenedlinux/harbian-audit/blob/master/README.md)  
+```
 admin@ip:/opt/harbian-audit-master$ sudo sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.1.32_freeze_auditd_conf.cfg 
 admin@ip:/opt/harbian-audit-master$ sudo ./bin/hardening.sh --apply --only 8.1.32 
 admin@ip:/opt/harbian-audit-master$ sudo ./bin/hardening.sh --apply --only 8.1.1.2
 admin@ip:/opt/harbian-audit-master$ sudo ./bin/hardening.sh --apply --only 8.1.1.3
 admin@ip:/opt/harbian-audit-master$ sudo ./bin/hardening.sh --apply --only 8.1.12
 admin@ip:/opt/harbian-audit-master$ sudo ./bin/hardening.sh --apply --only 4.5
 admin@ip:/opt/harbian-audit-master$ sudo reboot 
 ```
 ##### Third apply(after reboot)  
 Apply need to apply three times items:
 ```
 admin@ip:/opt/harbian-audit-master$ sudo ./bin/hardening.sh --apply --only 4.5
 admin@ip:/opt/harbian-audit-master$ sudo sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.4.1_install_aide.cfg 
 admin@ip:/opt/harbian-audit-master$ sudo sed -i 's/^status=.*/status=enabled/' etc/conf.d/8.4.2_aide_cron.cfg
 admin@ip:/opt/harbian-audit-master$ sudo ./bin/hardening.sh --apply --only 8.4.1
 admin@ip:/opt/harbian-audit-master$ sudo ./bin/hardening.sh --apply --only 8.4.2
 admin@ip:/opt/harbian-audit-master$ sudo reboot 
 ```  
 ### Set issues 
 ```
@ -89,9 +116,14 @@ $ sudo rm /opt/harbian-audit-master/tmp/backups/*
 $ sudo rm /opt/harbian-audit-master/etc/conf.d/*.cfg 
 ```
-#### AIDE RE-INIT 
+#### Final apply
 Reset password for all users and reinit aide database: 
 ```
-$ sudo aideinit -y -f 
+admin@ip:/opt/harbian-audit-master$ sudo ./bin/hardening.sh --final 
 ```
 #### Uninstall 
 ```
 $ sudo apt-get purge --autoremove unzip 
 ```
 #### Clear the current log:
@ -149,6 +181,7 @@ $ history -cw
 ## Reference  
 [https://github.com/hardenedlinux/harbian-audit/blob/master/README.md](https://github.com/hardenedlinux/harbian-audit/blob/master/README.md)
 [https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIs.html](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AMIs.html)  
 [https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html)  
 [https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami-ebs.html](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami-ebs.html)