claudetools/clients/valleywide/PROJECT_STATE.md
Mike Swanson 492fbbf4c9 chore: add PROJECT_STATE.md to all active projects and clients
Establishes inter-session coordination for 29 projects/clients:
- Full lock/component format for active projects (dataforth-dos,
  radio-show, cascades-tucson, valleywide, instrumental-music-center,
  lens-auto-brokerage, msp-audit-scripts)
- Light format for complete/stalled/planning (msp-pricing, pavon,
  wrightstown-*, gururmm-agent, community-forum, glaztech, etc.)
- Onboarding stubs for recently added clients

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-04-19 18:53:34 -07:00


# Valleywide (VWP) — Project State
> READ THIS before starting work on this client.
> UPDATE THIS when you begin work (claim a lock) and when you finish (release lock + log changes).
> Last updated: 2026-04-20
---
## Active Session Locks
| Session | Working On | Status | Started |
|---------|-----------|--------|---------|
| _(none active)_ | | | |

**How to claim a lock:** Add a row before starting work. Remove it when done. Locks older than 2 hours with no update are considered stale.
---
## Current State
**Status:** ACTIVE — POST-INCIDENT MONITORING

**Last Activity:** 2026-04-16

Financial services client, domain `vwp.local`. RDWeb was exposed to the internet via UDM port forward; distributed brute-force attack discovered 2026-04-13. Port forward removed same day. 30-day audit confirmed no successful external logons — no compromise. RDS deployment reconfigured 2026-04-16 to bypass gateway (direct VPN connect). RDS licensing pointer also fixed. Outstanding: RDS CAL purchase, UPnP audit, scanner account password rotation.
---
## Infrastructure / Access
| Server | IP | Notes |
|--------|-----|-------|
| VWP_ADSRVR | 192.168.0.25 | Windows Server 2019 DC, domain `vwp.local`. SSH: `ssh vwp\guru@192.168.0.25` (ed25519 key) |
| VWP-QBS | 172.16.9.169 | Windows Server 2022, QuickBooks + RDS host. Reach via VPN + double-hop: `Invoke-Command -ComputerName VWP-QBS` |
| UDM | (gateway) | Static DNS: `vwp-qbs.vwp.us` → `172.16.9.169` |

**Networks:** 172.16.9.0/24 (internal), 192.168.0.0/24 (conflicts with IMC — careful when switching VPN contexts).

**VPN:** OpenVPN, pushes DNS=192.168.4.1 (UDM), routes for 172.16.9.0/24, 192.168.0.0/24, 192.168.3.0/24.

**Credentials:** SOPS vault at `clients/vwp/` (adsrvr, dc1, udm, xenserver, quickbooks-server-idrac).
---
## Pending / Next Up
- [ ] Purchase Windows Server 2022 RDS Per User CALs for VWP-QBS (sized to active user count — check distinct interactive logons last 30d via `licmgr.msc`)
- [ ] Confirm UPnP state on UDM (prevent server from re-punching its own port-forward hole)
- [ ] Rotate `scanner` AD account password (last set 2024-10-17; carried since 2026-04-13)
- [ ] Formally document VPN-only RDWeb access decision
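
One way to run the kind of 30-day logon audit mentioned under Current State, and to count distinct interactive users for the CAL sizing item above, using the Windows Security log instead of `licmgr.msc`. This is an added example, not part of this file's original content or the project's tooling; the function names and sample records are constructed, and it assumes the Security log on the audited host still holds 30 days of events.

```powershell
# Added example (not from the project). 4624 = successful logon, 4625 = failed logon.
function Test-PrivateAddress([string]$Ip) {
    $addr = $null
    # '-' or empty means no network source was recorded (local logon)
    if (-not [System.Net.IPAddress]::TryParse($Ip, [ref]$addr)) { return $true }
    if ($addr.AddressFamily -ne 'InterNetwork') {
        # IPv6: only loopback and link-local count as internal here (assumption)
        return [System.Net.IPAddress]::IsLoopback($addr) -or $addr.IsIPv6LinkLocal
    }
    $b = $addr.GetAddressBytes()
    return ($b[0] -eq 10) -or ($b[0] -eq 127) -or ($b[0] -eq 192 -and $b[1] -eq 168) -or
           ($b[0] -eq 172 -and $b[1] -ge 16 -and $b[1] -le 31) -or
           ($b[0] -eq 169 -and $b[1] -eq 254)
}

function Get-LogonRecord([int]$Days = 30) {
    # Reads the live Security log; run elevated on the host being audited.
    $filter = @{ LogName = 'Security'; Id = 4624, 4625; StartTime = (Get-Date).AddDays(-$Days) }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue | ForEach-Object {
        $e = $_; $d = @{}
        ([xml]$e.ToXml()).Event.EventData.Data | ForEach-Object { $d[$_.Name] = $_.'#text' }
        [pscustomobject]@{ Time = $e.TimeCreated; Id = $e.Id; User = $d.TargetUserName
                           LogonType = [int]$d.LogonType; Ip = $d.IpAddress }
    }
}

function Get-LogonSummary($Records) {
    $ext = @($Records | Where-Object { -not (Test-PrivateAddress $_.Ip) })
    [pscustomobject]@{
        # Distinct users with Interactive (2) or RemoteInteractive (10) successes
        InteractiveUsers  = @($Records | Where-Object { $_.Id -eq 4624 -and $_.LogonType -in 2, 10 } |
                              ForEach-Object User | Sort-Object -Unique)
        ExternalSuccess   = @($ext | Where-Object Id -eq 4624)   # any row here needs investigation
        ExternalFailBySrc = @($ext | Where-Object Id -eq 4625 | Group-Object Ip | Sort-Object Count -Descending)
    }
}

# Constructed sample records (documentation address ranges) so the summary runs offline;
# on a real host use: Get-LogonSummary (Get-LogonRecord -Days 30)
$sample = @(
    [pscustomobject]@{ Id = 4625; User = 'administrator'; LogonType = 3;  Ip = '203.0.113.10' }
    [pscustomobject]@{ Id = 4625; User = 'test';          LogonType = 3;  Ip = '203.0.113.10' }
    [pscustomobject]@{ Id = 4625; User = 'admin';         LogonType = 3;  Ip = '198.51.100.7' }
    [pscustomobject]@{ Id = 4624; User = 'alice';         LogonType = 10; Ip = '172.16.9.50' }
    [pscustomobject]@{ Id = 4624; User = 'bob';           LogonType = 2;  Ip = '-' }
)
$s = Get-LogonSummary $sample
"Interactive users: $($s.InteractiveUsers -join ', ')"
"External successes: $($s.ExternalSuccess.Count)"
$s.ExternalFailBySrc | Format-Table Count, Name -AutoSize
```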
---
## Recent Changes
| Date | By | Change | Status |
|------|-----|--------|--------|
| 2026-04-16 | Mike | RDS deployment set to bypass gateway (direct VPN connect); UDM DNS typo fixed; RDS licensing mode set Per User, pointed at VWP-QBS license server | DEPLOYED |
| 2026-04-13 | Mike | RDWeb brute-force incident: UDM port forward removed, lockout policy restored, IIS reset, 30-day audit confirmed no compromise | RESOLVED |
---
## How to Update
**When starting:** Add your session to Active Session Locks.
**When finishing:** Remove your lock row, add entries to Recent Changes, update Current State if needed.