docs - av, faq additions

silversword411
2022-01-11 16:58:33 -05:00
parent c8432020c6
commit 4750b292a5
2 changed files with 36 additions and 0 deletions


@@ -1,3 +1,21 @@
# Antivirus
They are usually fraught with false-positives because we live in a world of complex greys, not black and white.
At the moment, Microsoft Windows Defender thinks a go executable with virtually nothing in it is the "Trojan:Win32/Wacatac.B!ml" virus <https://old.reddit.com/r/golang/comments/s1bh01/goexecutables_and_windows_defender/>
At Tactical we recommend:
1. No 3rd party AV
2. Use the `Defender Status Report` script (Task > Run Daily - Use Automation manager) to monitor machines: <https://github.com/wh1te909/tacticalrmm/blob/develop/scripts/Win_Defender_Status_Report.ps1>
3. If you want to lock a system down, run the `Defender Enable` script (test in your environment, because it can stop Microsoft Office from opening docs) that will turn on Protected Folders: <https://github.com/wh1te909/tacticalrmm/blob/develop/scripts/Win_Defender_Enable.ps1> and you will be extremely safe. Annoyed, but safe. Use [this](https://github.com/amidaware/trmm-awesome/blob/main/scripts/Windows_Defender_Allowed_List.ps1) as an Exclusion List for Protected Folders items.
Be aware there is also [a powershell script](https://github.com/wh1te909/tacticalrmm/blob/develop/scripts/Win_TRMM_AV_Update_Exclusion.ps1) to add TRMM exclusions specific to Windows Defender
!!!note
If you need to use 3rd party AV, add the necessary exclusions (see below for examples) and submit the exe's as safe
## Bitdefender Gravityzone
Admin URL: <https://cloud.gravityzone.bitdefender.com/>
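
Review bot: In item 3, "you will be extremely safe" promises more than the sentence supports: the only control it names is Protected Folders, and the same item warns that the script can stop Microsoft Office from opening docs. Suggest stating what the `Defender Enable` script turns on and what that protects, and dropping the guarantee. The opening also cites a Defender false positive on a Go executable and then recommends Defender only, so say explicitly that the point is false positives across AV products, and give "They" on the first line an antecedent. For the `!!!note` and the TRMM exclusion script, name the paths or executables being excluded so readers can keep exclusions narrow.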


@@ -104,3 +104,21 @@ No, you haven't.
![AV Sandbox1](images/faq_av_sandbox3.png)
![AV Sandbox1](images/faq_av_sandbox4.png)
## DNS can't find record
Q. My dns isnt working
A. Make sure its correctly formatted some dns hosts add in the domain automatically.
## Onsite DNS server and LAN only TRMM servers
Q. Can I use onsite dns servers (I dont want my server internet accessible).
A. Yes thats covered in the docs, you can use internal dns for api, mesh and rmm domains but need to add the dns txt to an internet resolvable dns server for letsencrypt wildcard cert
## Self-Signed Certs
Q. Why cant I use a self signed certificate for web etc.
A. NATS over TLS needs a real certificate signed with a trusted root certificate. NATS can function without TLS however that isnt recommended
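
Review bot: In the Self-Signed Certs answer, "NATS can function without TLS however that isnt recommended" reads as an available fallback without saying what is lost; either state the consequence of running NATS without TLS or drop the clause so the answer stays at "use a certificate signed with a trusted root certificate". In "DNS can't find record", the answer does not say which record is meant or what "correctly formatted" looks like; an example of a record name with and without the domain that the DNS host appends would make it actionable. The LAN-only answer says "covered in the docs" without a link, and the added lines need apostrophes (isnt, its, dont, thats, cant) and "Let's Encrypt" spelled out.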