-
Notifications
You must be signed in to change notification settings - Fork 24
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Vault enhancements #80
Conversation
The function doesn't mask the passwords, presented after the space/tab characters. Bug fix will mask the passwords provided with space/tab
I canceled the change to the password masking function as I checked it with other areas and found that it is not helping I have a different regex in a different repo, in any way it is not relevant for this project as we are not outputting any passwords
Vault enhancement fixes
Trying to fix error 057 by using subcategory GUID Skipping NIC hardening for 2019 Trying to fix DBParm FW issue
@ediulia I have added more fixes based on your testing - would be great if you can verify them |
Hey @AssafMiron VaultHardeningSteps.psm1 We need to review the Call for Compare-AmountOfUserPermissions function in line 726 , looks like it copied from CPM hardening. And maybe to add some recommendation reference for keys NTFS recommended permissions CommonUtil.psm1 Workaround for Error 0x00000057 is not working. now all the checks are failing with the error: Firewall check Still returns wrong output Windows Firewall has 4 manually created inbound rules for RDP TCP/UDP 3389 and WINRM TCP 5985 and 5986 Report shows the next output: Vault Keys permissions now returns One more thing to check: First in Windows2019Security.inf file: Second: Looks like the Script doesn't catch those exceptions on the Vault |
main script has time stamp vault has master key folder check
Adding clear validations for the enc keys
Include use case examples
this commit has updated fw rules check function. Function still doesn't parse properly the dbparm.ini nonstandardfwrules addresses array like [10.0.0.1,10.1.1.1] and doesn't parse properly the ports range like 5985-5986
Report should have a timestamp #82
…HardeningCheck into Vault_enhancements
Vault enhancements
…HardeningCheck into Vault_enhancements
Recovering FW rule changes that were omitted Fixing ICMP rules to solve open comare issues
@ediulia merged back all fixes, including the one you solved about Error 57 |
Desired Outcome
Connected Issue/Story
Resolves #[relevant GitHub issue(s), e.g. 76]
Changelog
CHANGELOG update
Documentation
Behavior