lots of things

2025-06-29 19:54:10 -05:00
parent 23cba4713b
commit 7a5b90ae84
25 changed files with 278 additions and 68 deletions
--- a/ConfigFiles/AuditD/auditd.conf
+++ b/ConfigFiles/AuditD/auditd.conf
@ -0,0 +1,46 @@
+#
+# Known Element Enterprises Customized Config File
+# auditd
+# Initial version 2025-06-27 
+#
+
+local_events = yes
+write_logs = yes
+log_file = /var/log/audit/audit.log
+log_group = adm
+log_format = ENRICHED
+flush = INCREMENTAL_ASYNC
+freq = 50
+max_log_file = 8
+num_logs = 5
+priority_boost = 4
+name_format = NONE
+max_log_file_action = keep_logs
+space_left = 75
+space_left_action = email
+action_mail_acct = root
+
+admin_space_left_action = halt
+disk_full_action = SUSPEND
+disk_error_action = SUSPEND
+admin_space_left = 50
+
+verify_email = yes
+use_libwrap = yes
+tcp_listen_queue = 5
+tcp_max_per_addr = 1
+tcp_client_max_idle = 0
+transport = TCP
+distribute_network = no
+q_depth = 2000
+overflow_action = SYSLOG
+max_restarts = 10
+plugin_dir = /etc/audit/plugins.d
+end_of_event_timeout = 2
+##tcp_client_ports = 1024-65535
+##tcp_listen_port = 60
+
+##krb5_key_file = /etc/audit/audit.key
+krb5_principal = auditd
+
+##name = mydomain
--- a/ConfigFiles/AuditD/rules.d/time-change.rules
+++ b/ConfigFiles/AuditD/rules.d/time-change.rules
--- a/ConfigFiles/BANNERS/issue
+++ b/ConfigFiles/BANNERS/issue
@ -0,0 +1,5 @@
+This system is the property of Known Element Enterprises LLC.
+
+Authorized uses only. All activity may be monitored and reported.
+
+All activities subject to monitoring/recording/review in real time and/or at a later time.
--- a/ConfigFiles/BANNERS/issue.net
+++ b/ConfigFiles/BANNERS/issue.net
@ -0,0 +1,5 @@
+This system is the property of Known Element Enterprises LLC.
+
+Authorized uses only. All activity may be monitored and reported.
+
+All activities subject to monitoring/recording/review in real time and/or at a later time.
--- a/ConfigFiles/BANNERS/motd
+++ b/ConfigFiles/BANNERS/motd
@ -0,0 +1,5 @@
+This system is the property of Known Element Enterprises LLC.
+
+Authorized uses only. All activity may be monitored and reported.
+
+All activities subject to monitoring/recording/review in real time and/or at a later time.
--- a/ConfigFiles/Logrotate/logrotate.conf
+++ b/ConfigFiles/Logrotate/logrotate.conf
@ -0,0 +1,23 @@
+# see "man logrotate" for details
+
+# global options do not affect preceding include directives
+
+# rotate log files weekly
+weekly
+
+# keep 4 weeks worth of backlogs
+rotate 4
+
+# create new (empty) log files after rotating old ones
+create 0640 root utmp
+
+# use date as a suffix of the rotated file
+#dateext
+
+# uncomment this if you want your log files compressed
+#compress
+
+# packages drop log rotation information into this directory
+include /etc/logrotate.d
+
+# system-specific logs may also be configured here.
--- a/ConfigFiles/ModProbe/cramfs.conf
+++ b/ConfigFiles/ModProbe/cramfs.conf
@ -0,0 +1 @@
+install cramfs /bin/true
--- a/ConfigFiles/ModProbe/dccp.conf
+++ b/ConfigFiles/ModProbe/dccp.conf
@ -0,0 +1 @@
+install dccp /bin/true
--- a/ConfigFiles/ModProbe/freevxfs.conf
+++ b/ConfigFiles/ModProbe/freevxfs.conf
@ -0,0 +1 @@
+install freevxfs /bin/true
--- a/ConfigFiles/ModProbe/hfs.conf
+++ b/ConfigFiles/ModProbe/hfs.conf
@ -0,0 +1 @@
+install hfs /bin/true
--- a/ConfigFiles/ModProbe/hfsplus.conf
+++ b/ConfigFiles/ModProbe/hfsplus.conf
@ -0,0 +1 @@
+install hfsplus /bin/true
--- a/ConfigFiles/ModProbe/jffs2.conf
+++ b/ConfigFiles/ModProbe/jffs2.conf
@ -0,0 +1 @@
+install jffs2 /bin/true
--- a/ConfigFiles/ModProbe/rds.conf
+++ b/ConfigFiles/ModProbe/rds.conf
@ -0,0 +1 @@
+install rds /bin/true
--- a/ConfigFiles/ModProbe/sctp.conf
+++ b/ConfigFiles/ModProbe/sctp.conf
@ -0,0 +1 @@
+install sctp /bin/true
--- a/ConfigFiles/ModProbe/squashfs.conf
+++ b/ConfigFiles/ModProbe/squashfs.conf
@ -0,0 +1 @@
+install squashfs /bin/true
--- a/ConfigFiles/ModProbe/tipc.conf
+++ b/ConfigFiles/ModProbe/tipc.conf
@ -0,0 +1 @@
+install tipc /bin/true
--- a/ConfigFiles/ModProbe/udf.conf
+++ b/ConfigFiles/ModProbe/udf.conf
@ -0,0 +1 @@
+install udf /bin/true
--- a/ConfigFiles/ModProbe/usb_storage.conf
+++ b/ConfigFiles/ModProbe/usb_storage.conf
@ -0,0 +1 @@
+install usb-storage /bin/true
--- a/ConfigFiles/NTP/ntp.conf
+++ b/ConfigFiles/NTP/ntp.conf
@ -1,5 +1,5 @@
 driftfile /var/lib/ntp/ntp.drift
 leapfile /usr/share/zoneinfo/leap-seconds.list
-server pfv-netboot.taile3044.ts.net
+server pfv-netboot.knel.net
 restrict 127.0.0.1
 restrict ::1
--- a/ConfigFiles/SSH/Configs/tsys-sshd-config
+++ b/ConfigFiles/SSH/Configs/tsys-sshd-config
@ -2,12 +2,19 @@ Include /etc/ssh/sshd_config.d/*.conf
 HostKey /etc/ssh/ssh_host_rsa_key
 HostKey /etc/ssh/ssh_host_ed25519_key
 KbdInteractiveAuthentication no
-X11Forwarding yes
 PrintMotd no
 PasswordAuthentication no
+AllowTcpForwarding no
+X11Forwarding no
 ChallengeResponseAuthentication no
-Banner none
 AcceptEnv LANG LC_*
 Subsystem       sftp    /usr/lib/openssh/sftp-server
 UsePAM yes
-PermitRootLogin prohibit-password
+Banner /etc/issue.net
+MaxAuthTries 2
+MaxStartups 10:30:100
+PermitRootLogin prohibit-password
+ClientAliveInterval 300
+ClientAliveCountMax 3
+AllowUsers root localuser subodev
+LoginGraceTime 60
--- a/ConfigFiles/Systemd/journald.conf
+++ b/ConfigFiles/Systemd/journald.conf
@ -0,0 +1,31 @@
+[Journal]
+#Compress=yes
+#Seal=yes
+#SplitMode=uid
+#SyncIntervalSec=5m
+#RateLimitIntervalSec=30s
+#RateLimitBurst=10000
+#SystemMaxUse=
+#SystemKeepFree=
+#SystemMaxFileSize=
+#SystemMaxFiles=100
+#RuntimeMaxUse=
+#RuntimeKeepFree=
+#RuntimeMaxFileSize=
+#RuntimeMaxFiles=100
+#MaxRetentionSec=
+#MaxFileSec=1month
+#ForwardToSyslog=yes
+#ForwardToKMsg=no
+#ForwardToConsole=no
+#ForwardToWall=yes
+#TTYPath=/dev/console
+#MaxLevelStore=debug
+#MaxLevelSyslog=debug
+#MaxLevelKMsg=notice
+#MaxLevelConsole=info
+#MaxLevelWall=emerg
+#LineMax=48K
+#ReadKMsg=yes
+#Audit=no
+Storage=persistent