add ECS

jlaundry · web-flow · commit 0cf7352706d7 · 2024-08-23T20:39:46.000+12:00
diff --git a/macos/little_snitch/config.json b/macos/little_snitch/config.json
@@ -30,6 +30,16 @@
                         1,
                         2
                     ]
+                },
+                {
+                    "url": "https://raw.githubusercontent.com/jlaundry/aadinfo/main/network/ecs.json",
+                    "rule_ids": [
+                        1
+                    ],
+                    "processes": [
+                        "\/Applications\/Microsoft Defender.app\/Contents\/MacOS\/Microsoft Defender.app\/Contents\/MacOS\/Microsoft Defender",
+                        "\/Applications\/Microsoft Defender.app\/Contents\/MacOS\/Microsoft Defender.app\/Contents\/MacOS\/Microsoft Defender Helper"
+                    ]
                 }
             ]
         },
@@ -112,6 +122,15 @@
                         56,
                         69
                     ]
+                },
+                {
+                    "url": "https://raw.githubusercontent.com/jlaundry/aadinfo/main/network/ecs.json",
+                    "rule_ids": [
+                        1
+                    ],
+                    "processes": [
+                        "\/Applications\/OneDrive.app\/Contents\/MacOS\/OneDrive"
+                    ]
                 }
             ]
         },
@@ -209,6 +228,12 @@
                         147,
                         159
                     ]
+                },
+                {
+                    "url": "https://raw.githubusercontent.com/jlaundry/aadinfo/main/network/ecs.json",
+                    "rule_ids": [
+                        1
+                    ]
                 }
             ]
         },
diff --git a/macos/little_snitch/rules/Microsoft Intune.lsrules b/macos/little_snitch/rules/Microsoft Intune.lsrules
@@ -51,6 +51,13 @@
       "protocol" : "tcp",
       "remote-domains" : "manage.microsoft.com"
     },
+    {
+      "action" : "allow",
+      "ports" : "443",
+      "process" : "\/Applications\/Company Portal.app\/Contents\/MacOS\/Company Portal",
+      "protocol" : "tcp",
+      "remote-hosts" : "config.edge.skype.com"
+    },
     {
       "action" : "allow",
       "ports" : "443",

Original file line number	Diff line number	Diff line change
`@@ -30,6 +30,16 @@`
`30`	`30`	`1,`
`31`	`31`	`2`
`32`	`32`	`]`
	`33`	`+ },`
	`34`	`+ {`
	`35`	`+ "url": "https://raw.githubusercontent.com/jlaundry/aadinfo/main/network/ecs.json",`
	`36`	`+ "rule_ids": [`
	`37`	`+ 1`
	`38`	`+ ],`
	`39`	`+ "processes": [`
	`40`	`+ "\/Applications\/Microsoft Defender.app\/Contents\/MacOS\/Microsoft Defender.app\/Contents\/MacOS\/Microsoft Defender",`
	`41`	`+ "\/Applications\/Microsoft Defender.app\/Contents\/MacOS\/Microsoft Defender.app\/Contents\/MacOS\/Microsoft Defender Helper"`
	`42`	`+ ]`
`33`	`43`	`}`
`34`	`44`	`]`
`35`	`45`	`},`
`@@ -112,6 +122,15 @@`
`112`	`122`	`56,`
`113`	`123`	`69`
`114`	`124`	`]`
	`125`	`+ },`
	`126`	`+ {`
	`127`	`+ "url": "https://raw.githubusercontent.com/jlaundry/aadinfo/main/network/ecs.json",`
	`128`	`+ "rule_ids": [`
	`129`	`+ 1`
	`130`	`+ ],`
	`131`	`+ "processes": [`
	`132`	`+ "\/Applications\/OneDrive.app\/Contents\/MacOS\/OneDrive"`
	`133`	`+ ]`
`115`	`134`	`}`
`116`	`135`	`]`
`117`	`136`	`},`
`@@ -209,6 +228,12 @@`
`209`	`228`	`147,`
`210`	`229`	`159`
`211`	`230`	`]`
	`231`	`+ },`
	`232`	`+ {`
	`233`	`+ "url": "https://raw.githubusercontent.com/jlaundry/aadinfo/main/network/ecs.json",`
	`234`	`+ "rule_ids": [`
	`235`	`+ 1`
	`236`	`+ ]`
`212`	`237`	`}`
`213`	`238`	`]`
`214`	`239`	`},`