Cadoles/formations
21
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

CESI: Sécurité entreprise, maquette + support OK

Browse Source
This commit is contained in:
wpetit
2018-02-04 18:27:46 +01:00
committed by Benjamin Bohard
parent 13e4a95892
commit 10e0f69dba
7 changed files with 153 additions and 35 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cesi/securite_entreprise/ressources/intranet-demo/Vagrantfile vendored
View File

@ -64,7 +64,7 @@ Vagrant.configure("2") do |config|
config.vm.define "workstation-developer-linux" do |workstation|
workstation.vm.box = "ubuntu/xenial64"
workstation.vm.hostname = "developer-ws1"
workstation.vm.hostname = "developer-workstation"
workstation.vm.network "private_network", ip: "192.168.201.10", virtualbox_intnet: "developer", auto_config: false
workstation.vm.provision :shell, path: "provisioning/workstation/configure_desktop.sh"
workstation.vm.provision :reload

2
cesi/securite_entreprise/ressources/intranet-demo/provisioning/developer/configure_account.sh
View File

@ -2,5 +2,5 @@
set -xe
ACCOUNT_PASSWORD='$6$gMhMIYtz$tIY5w9xjFOJYgtrP2QY0TYfTPm8NQTh0JXaAL7O3TaJ8fAo8AmARaTwKFZgnUVMZKzMOnQOUVRtMtBKkYIS/U1' // passwd: developer
ACCOUNT_PASSWORD='$6$gMhMIYtz$tIY5w9xjFOJYgtrP2QY0TYfTPm8NQTh0JXaAL7O3TaJ8fAo8AmARaTwKFZgnUVMZKzMOnQOUVRtMtBKkYIS/U1' # passwd: developer
useradd -m -p "$ACCOUNT_PASSWORD" -s /bin/bash developer

3
cesi/securite_entreprise/ressources/intranet-demo/provisioning/firewall/configure_firewall_rules.sh
View File

@ -43,6 +43,9 @@ ufw route allow in on $DEVELOPER_IFACE out on $MGMT_IFACE to any port 443 from $
ufw route allow in on $DEVELOPER_IFACE out on $EXTRANET_IFACE to any from $DEVELOPER_NETWORK\
comment "DEVELOPER -> * EXTRANET"
ufw route allow in on $DEVELOPER_IFACE out on $INTRANET_IFACE to any from $DEVELOPER_NETWORK\
comment "DEVELOPER -> * INTRANET"
# On autorise les connexions depuis la machine intranet-supervision vers
# la machine extranet-wordpress sur le port 9117
ufw route allow in on $INTRANET_IFACE out on $EXTRANET_IFACE to 192.168.202.10 port 9117 from 192.168.203.20\