socfortress / Wazuh-Rules

Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!
https://www.socfortress.co

wazuh-certs-tool.sh should not hardcode distinguished name #17

Open majorthorn opened 1 year ago

majorthorn commented 1 year ago

The lines below should not hardcode the DN, as it will hamstring future users into using SOCFORTRESS as their Cert DN. These should either have their values referenced in the tutorial or have an alternate script that references the default Wazuh config DN reference.

https://github.com/socfortress/Wazuh-Rules/blob/98c505caf2410e9e679b17e5ab358cd2967f3815/wazuh-certs-tool.sh#L67
https://github.com/socfortress/Wazuh-Rules/blob/98c505caf2410e9e679b17e5ab358cd2967f3815/wazuh-certs-tool.sh#L82-L86

In my opinion, and it's just that, an opinion, the tutorials should have scripts that live as if they are deploying a near production, or have script breaks or input requests to stop the user from using the deployment and inform them of the changes required.

I do not know if I am making sense, it is 2am.
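
One way to implement what this issue asks for, as an added example that is not code from wazuh-certs-tool.sh or the SOCFORTRESS repository: the DN fields come from operator-set variables, and the script stops instead of falling back to a baked-in organization. The variable names `CERT_C`, `CERT_L`, `CERT_O`, `CERT_OU` and both function names are hypothetical.

```shell
#!/bin/sh
# Added example: build an openssl -subj string from operator-supplied values
# rather than a DN hardcoded in the script. CERT_C, CERT_L, CERT_O and
# CERT_OU are hypothetical names, not taken from wazuh-certs-tool.sh.

# Backslash-escape the characters openssl treats specially inside -subj:
# "\" (escape), "/" (RDN separator) and "+" (multi-valued RDN separator).
escape_rdn() {
    printf '%s' "$1" | sed -e 's|\\|\\\\|g' -e 's|/|\\/|g' -e 's|+|\\+|g'
}

# Print "/C=../L=../O=../OU=../CN=<node name>" on stdout.
# Returns 1 (the "script break") if any field is unset or empty, so a
# tutorial run cannot silently issue certificates under someone else's DN.
build_subject() {
    cn=${1:-}
    missing=""
    [ -n "${CERT_C:-}" ]  || missing="$missing CERT_C"
    [ -n "${CERT_L:-}" ]  || missing="$missing CERT_L"
    [ -n "${CERT_O:-}" ]  || missing="$missing CERT_O"
    [ -n "${CERT_OU:-}" ] || missing="$missing CERT_OU"
    [ -n "$cn" ]          || missing="$missing node-name"
    if [ -n "$missing" ]; then
        echo "refusing to generate certificates, not set:$missing" >&2
        return 1
    fi
    # X.509 countryName is a two-letter code; reject anything else early.
    case $CERT_C in
        [A-Z][A-Z]) ;;
        *) echo "CERT_C must be a two-letter upper-case country code" >&2
           return 1 ;;
    esac
    printf '/C=%s/L=%s/O=%s/OU=%s/CN=%s\n' \
        "$CERT_C" "$(escape_rdn "$CERT_L")" "$(escape_rdn "$CERT_O")" \
        "$(escape_rdn "$CERT_OU")" "$(escape_rdn "$cn")"
}

# Intended use inside a certificate script (key and output paths omitted):
#   subj=$(build_subject "node-1") || exit 1
#   openssl req -new -key node-1-key.pem -subj "$subj" -out node-1.csr
```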