sudo apt-get update sudo apt-get upgrade sudo apt-get dist-upgrade
sudo apt-get install gcc g++ build-essential libssl-dev libreadline6-dev zlib1g-dev linux-headers-generic libsqlite3-dev libxslt-dev libxml2-dev imagemagick git-core libmysqlclient-dev mysql-server libmagickwand-dev default-jre ruby1.9.3
wget http://sourceforge.net/projects/wkhtmltopdf/files/0.12.1/wkhtmltox-0.12.1_linux-trusty-i386.deb sudo dpkg -i wkhtmltox-0.12.1_linux-trusty-i386.deb
sudo gem install thor i18n bundler tzinfo builder memcache-client rack rack-test erubis mail text-format rack-mount rails sqlite3
sudo git clone http://github.com/Snorby/snorby.git /var/www/snorby
snorby: &snorby adapter: mysql username: root password: <enter the mysql root password here> host: localhost
development: domain: localhost:3000 wkhtmltopdf: /usr/bin/wkhtmltopdf # - /usr/local/bin/wkhtmltopdf test: domain: localhost:3000 wkhtmltopdf: /usr/bin/wkhtmltopdf production: domain: localhost:3000 wkhtmltopdf: /usr/bin/wkhtmltopdf
cd /var/www/snorby sudo bundle update activesupport railties rails sudo gem install arel ezprint && sudo bundle install sudo bundle exec rake snorby:setup
mysql -u root -p create user 'snorbyuser'@'localhost' IDENTIFIED BY '_'; grant all privileges on snorby.* to 'snorbyuser'@'localhost' with grant option; flush privileges; exit
snorby: &snorby adapter: mysql username: snorbyuser password: _ host: localhost
sudo apt-get install apache2 apache2-prefork-dev libapr1-dev libaprutil1-dev sudo apt-get install libcurl4-openssl-dev sudo service apache2 start
sudo gem install --no-ri --no-rdoc passenger sudo /usr/local/bin/passenger-install-apache2-module -a
LoadModule passenger_module /var/lib/gems/1.9.1/gems/passenger-4.0.48/buildout/apache2/mod_passenger.so <IfModule mod_passenger.c> PassengerRoot /var/lib/gems/1.9.1/gems/passenger-4.0.48 PassengerDefaultRuby /usr/bin/ruby1.9.1 </IfModule>
sudo a2enmod passenger sudo a2enmod rewrite sudo a2enmod ssl sudo chown www-data:www-data /var/www/snorby -R
<VirtualHost *:80> ServerAdmin webmaster@localhost ServerName snorby.local DocumentRoot /var/www/snorby/public <Directory "/var/www/snorby/public"> AllowOverride all Order deny,allow Allow from all Options -MultiViews </Directory> </VirtualHost>
sudo ln -s /etc/apache2/sites-available/snorby /etc/apache2/sites-enabled/snorby
sudo service apache2 restart
sudo bundle pack && sudo bundle install --path vender/cache
DocumentRoot /var/www/
sudo bundle exec rails server -e production
sudo apt-get install libpcre3 libpcre3-dbg libpcre3-dev build-essential autoconf automake libtool libpcap-dev libcap-ng-dev libnet1-dev mysql-client wget http://security.ubuntu.com/ubuntu/pool/main/m/mysql-dfsg-5.1/libmysqlclient16_5.1.73-0ubuntu0.10.04.1_i386.deb sudo dpkg -i libmysqlclient16_5.1.73-0ubuntu0.10.04.1_i386.deb wget http://www.netfilter.org/projects/libnfnetlink/files/libnfnetlink-1.0.1.tar.bz2 sudo tar xvfz libnfnetlink-1.0.1.tar.bz2 sudo ./configure && sudo make && sudo make install
wget http://pyyaml.org/download/libyaml/yaml-0.1.3.tar.gz sudo tar xvfz yaml-0.1.3.tar.gz cd yaml-0.1.3 sudo ./configure && sudo make && sudo make install
wget http://ftp.psu.ac.th/pub/snort/barnyard2-1.9.tar.gz sudo tar xvfz barnyard2-1.9.tar.gz cd barnyard2-1.9 sudo ./configure --with-mysql && sudo make && sudo make install
sudo apt-get install suricata sudo cp /etc/suricata/suricata-debian.yaml /etc/suricata/suricata.yaml cd /etc/suricata sudo wget http://rules.emergingthreats.net/open/suricata/emerging.rules.tar.gz sudo tar xvfz emerging.rules.tar.gz
default-rule-path: /etc/suricata/rules/ HOME_NET: "[ip_/]" # "[192.168.0.0/24]"
sudo cp downloads_folder/barnyard2-1.9/etc/barnyard2.conf /etc/suricata/
config reference_file: /etc/suricata/reference.config config classification_file: /etc/suricata/classification.config config gen_file: /etc/suricata/rules/gen-msg.map config sid_file: /etc/suricata/rules/sid-msg.map output database: log, mysql, user=snorbyuser password=_ dbname=snorby host=localhost sensor_name=sensor1
sudo mkdir /var/log/barnyard2 sudo iptables -I FORWARD -j NFQUEUE sudo suricata -c /etc/suricata/suricata.yaml -q 0
sudo apt-get install libqt4-gui
sudo dpkg -i fwbuilder_5.1.0.3599-ubuntu-precise-1_i386.deb
sudo su apt-get install openvpn easy-rsa
mkdir /etc/openvpn/easy-rsa cp -r /usr/share/easy-rsa /etc/openvpn/easy-rsa mv /etc/openvpn/easy-rsa/easy-rsa /etc/openvpn/easy-rsa/2.0 cd /etc/openvpn/easy-rsa/2.0 nano vars
export KEY_COUNTRY="RU" export KEY_PROVINCE="Moscow" export KEY_CITY="Moscow" export KEY_ORG="IT" export KEY_EMAIL="test@lab.local" export KEY_OU="Security Department" export KEY_NAME="UTM"
cp openssl-1.0.0.cnf openssl.cnf . ./vars ./clean-all ./build-ca ./build-key-server server ./build-dh openvpn --genkey --secret keys/ta.key cp -r /etc/openvpn/easy-rsa/2.0/keys/ /etc/openvpn/
cp /usr/share/doc/openvpn/examples/sample-config-files/server.conf.gz /etc/openvpn/ cd /etc/openvpn gunzip -d /etc/openvpn/server.conf.gz nano /etc/openvpn/server.conf
port 1194 proto udp dev tun ca /etc/openvpn/keys/ca.crt cert /etc/openvpn/keys/server.crt key /etc/openvpn/keys/server.key # This file should be kept secret dh /etc/openvpn/keys/dh2048.pem server 10.8.0.0 255.255.255.0 ifconfig-pool-persist /etc/openvpn/ipp.txt push "route 192.168.1.0 255.255.255.0" keepalive 10 120 tls-server tls-auth /etc/openvpn/keys/ta.key 0 tls-timeout 120 auth SHA1 comp-lzo max-clients 1 persist-key persist-tun status /var/log/openvpn/openvpn-status.log verb 3 mute 20
mkdir /var/log/openvpn
mkdir /etc/openvpn/ccd nano /etc/openvpn/ccd/client iroute 192.168.1.0 255.255.255.0
sudo sysctl -p
openvpn restart
cd /etc/openvpn/easy-rsa/2.0 . ./vars ./build-key client ./build-key-pass client
client dev tun proto udp remote 10.10.0.184 1194 resolv-retry infinite ca "C:\\Program Files\\OpenVPN\\config\\ca.crt" cert "C:\\Program Files\\OpenVPN\\config\\client.crt" key "C:\\Program Files\\OpenVPN\\config\\client.key" tls-client tls-auth "C:\\Program Files\\OpenVPN\\config\\ta.key" 1 auth SHA1 # -. MD5 cipher BF-CBC remote-cert-tls server comp-lzo persist-key persist-tun status "C:\\Program Files\\OpenVPN\\log\\openvpn-status.log" log "C:\\Program Files\\OpenVPN\\log\\openvpn.log" verb 3 mute 20
Source: https://habr.com/ru/post/238315/
All Articles