In its current state, vOS supports both CentOS 6 and CentOS 7.
The default user is voyagerse. From this account, one can use sudo to gain superuser privileges.
The local SSH authorized keys file is located in /etc/ssh/keys/%u, where %u is the username. This file is owned by the superuser and cannot be modified by any other user.
Hardening is based on the PCI DSS (which version?) standards and is applied through Puppet manifests.
Log files under the directory /var/log/apps will be rotated automatically through the configuration at /etc/logrotate.d/apps.
It is recommended that all application logs go to this directory.
Todo: Add more details like frequency, etc.
The default time synchronization app is chrony (not ntpd), which can be configured through /etc/chrony.conf.
ntpd is still available through the default repository.
Default syslog daemon is rsyslogd.
Configuration files:
- /etc/rsyslog.conf
- /etc/rsyslog.d/*
ClamAV is included!
Todo: Discuss details
Todo: Discuss details
Some pre-downloaded packages are available at /installers to minimize the time it takes to make a first boot. The packages are available but not yet installed. Install the package using your own preferred method.
The following are available:
- Splunk Forwarder
- Qualys Agent
- osquery
- filebeat
There is no need for an external system for tagging. The instance can tag itself, provided that it is launched with an instance role with the following policy:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "ec2:CreateTags",
      "Resource": "arn:aws:ec2:*:*:instance/*"
    }
  ]
}
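One way an instance can apply a tag to itself under this role, as an added example that is not part of vOS: it assumes curl and the AWS CLI are installed and that the instance metadata service (IMDSv2) is reachable, and the function names are hypothetical. Because the policy above permits ec2:CreateTags on any instance, the script only ever passes the ID that instance metadata reports for the host it runs on.

```shell
#!/bin/sh
# Added example (not vOS code): tag the instance this script runs on.
# Assumes curl and the AWS CLI; credentials come from the instance role.

IMDS="http://169.254.169.254/latest"

# Fetch one metadata path using a short-lived IMDSv2 session token.
imds_get() {
    token=$(curl -sf -X PUT "$IMDS/api/token" \
        -H "X-aws-ec2-metadata-token-ttl-seconds: 60") || return 1
    curl -sf -H "X-aws-ec2-metadata-token: $token" "$IMDS/meta-data/$1"
}

# Accept only "i-" followed by lowercase hex, so an unexpected metadata
# response is never passed to the CLI as a resource ID.
valid_instance_id() {
    case "$1" in
        i-*) ;;
        *) return 1 ;;
    esac
    case "${1#i-}" in
        ''|*[!0-9a-f]*) return 1 ;;
    esac
}

# self_tag KEY VALUE
self_tag() {
    [ "$#" -eq 2 ] || { echo "usage: self_tag KEY VALUE" >&2; return 2; }
    # Simplification for this example: the CLI shorthand syntax below
    # treats commas as separators, so refuse them in keys and values.
    case "$1$2" in
        *,*) echo "commas are not supported here" >&2; return 2 ;;
    esac
    instance_id=$(imds_get instance-id) || return 1
    region=$(imds_get placement/region) || return 1
    valid_instance_id "$instance_id" || {
        echo "unexpected instance id from metadata" >&2; return 1; }
    aws ec2 create-tags --region "$region" \
        --resources "$instance_id" \
        --tags "Key=$1,Value=$2"
}

# Run only when called with arguments, e.g.: ./self-tag.sh Name web01
if [ "$#" -gt 0 ]; then self_tag "$@"; fi
```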
osquery is installed by default.
Todo: Add more details
The list of packages is available publicly. Feel free to submit a merge request if you want to add your own package.