chanfge

2024-03-18 16:17:47 +01:00
parent d277212a74
commit 4393958b88
4 changed files with 23 additions and 23 deletions
--- a/setup.py
+++ b/setup.py
@@ -247,23 +247,23 @@ def install():
    #CIS - Ensure 'Windows Firewall: Domain: Settings: Display a notification' is set to 'No'.
    #run("netsh advfirewall set allprofiles settings notifications off")
    #CIS - Ensure 'Windows Firewall: Domain: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log'.
-    run(r'netsh advfirewall set domain logging filename "%SystemRoot%\System32\logfiles\firewall\domainfw.log"')
-    #CIS - Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log'.
-    run(r'netsh advfirewall set private logging filename "%SystemRoot%\System32\logfiles\firewall\privatefw.log"')
-    #CIS - Ensure 'Windows Firewall: public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log'.
-    run(r'netsh advfirewall set public logging filename "%SystemRoot%\System32\logfiles\firewall\publicfw.log"')
-    #CIS - Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater'.
-    run('netsh advfirewall set allprofiles logging filename %SystemRoot%\System32\LogFiles\Firewall\pfirewall.log allowedconnections 16384')
-    #CIS - Ensure 'Windows Firewall: Domain: Logging: Log dropped packets' is set to 'Yes'.
-    run('netsh advfirewall set allprofiles logging droppedpackets enable')
-    #CIS - Ensure 'Windows Firewall: Domain: Logging: Log successful connections' is set to 'Yes'.
-    registry_set(HKEY_LOCAL_MACHINE, r"Policies\Microsoft\WindowsFirewall\DomainProfile\Logging", "LogSuccessfulConnections","1")
-    #CIS - Ensure 'Windows Firewall: Private: Logging: Log successful connections' is set to 'Yes'.
-    registry_set(HKEY_LOCAL_MACHINE, r"Policies\Microsoft\WindowsFirewall\PrivateProfile\Logging", "LogSuccessfulConnections","1")
-    #CIS - Ensure 'Windows Firewall: Public: Logging: Log successful connections' is set to 'Yes'.
-    registry_set(HKEY_LOCAL_MACHINE, r"Policies\Microsoft\WindowsFirewall\PublicProfile\Logging", "LogSuccessfulConnections","1")
-    #CIS - Ensure 'Windows Firewall: Public: Settings: Apply local connection security rules' is set to 'No'.
-    run("netsh advfirewall set public settings localconsecrules enforce=no")
+    # run(r'netsh advfirewall set domain logging filename "%SystemRoot%\System32\logfiles\firewall\domainfw.log"')
+    # #CIS - Ensure 'Windows Firewall: Private: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log'.
+    # run(r'netsh advfirewall set private logging filename "%SystemRoot%\System32\logfiles\firewall\privatefw.log"')
+    # #CIS - Ensure 'Windows Firewall: public: Logging: Name' is set to '%SystemRoot%\System32\logfiles\firewall\domainfw.log'.
+    # run(r'netsh advfirewall set public logging filename "%SystemRoot%\System32\logfiles\firewall\publicfw.log"')
+    # #CIS - Ensure 'Windows Firewall: Domain: Logging: Size limit (KB)' is set to '16,384 KB or greater'.
+    # run('netsh advfirewall set allprofiles logging filename %SystemRoot%\System32\LogFiles\Firewall\pfirewall.log allowedconnections 16384')
+    # #CIS - Ensure 'Windows Firewall: Domain: Logging: Log dropped packets' is set to 'Yes'.
+    # run('netsh advfirewall set allprofiles logging droppedpackets enable')
+    # #CIS - Ensure 'Windows Firewall: Domain: Logging: Log successful connections' is set to 'Yes'.
+    # registry_set(HKEY_LOCAL_MACHINE, r"Policies\Microsoft\WindowsFirewall\DomainProfile\Logging", "LogSuccessfulConnections","1")
+    # #CIS - Ensure 'Windows Firewall: Private: Logging: Log successful connections' is set to 'Yes'.
+    # registry_set(HKEY_LOCAL_MACHINE, r"Policies\Microsoft\WindowsFirewall\PrivateProfile\Logging", "LogSuccessfulConnections","1")
+    # #CIS - Ensure 'Windows Firewall: Public: Logging: Log successful connections' is set to 'Yes'.
+    # registry_set(HKEY_LOCAL_MACHINE, r"Policies\Microsoft\WindowsFirewall\PublicProfile\Logging", "LogSuccessfulConnections","1")
+    # #CIS - Ensure 'Windows Firewall: Public: Settings: Apply local connection security rules' is set to 'No'.
+    # run("netsh advfirewall set public settings localconsecrules enforce=no")
    #CIS - Ensure 'Audit Credential Validation' is set to 'Success and Failure'.
    run('auditpol /set /subcategory:"Credential Validation" /success:enable /failure:enable')
    # Ensure 'Audit Application Group Management' is set to 'Success and Failure'.