diff --git a/README.md b/README.md
index f366bda..6a6eaac 100644
--- a/README.md
+++ b/README.md
@@ -64,10 +64,31 @@ git submodule init
 git submodule update
 ~~~~
+Build the d4 client. This will create the `d4` binary.
+
+~~~~
+make
+~~~~
+
+Then register the sensor with the server. Replace `API_TOKEN`, `VALID_UUID4` (create a random UUID via [UUIDgenerator](https://www.uuidgenerator.net/)) and `VALID_HMAC_KEY`.
+
+~~~~
+curl -k https://127.0.0.1:7000/api/v1/add/sensor/register --header "Authorization: API_TOKEN" -H "Content-Type: application/json" --data '{"uuid":"VALID_UUID4","hmac_key":"VALID_HMAC_KEY"}' -X POST
+~~~~
+
+If the registration went correctly the UUID is returned. Do not forget to approve the registration in the D4 server web interface.
+
+Update the configuration file
+
+~~~~
+cp -r conf.sample conf
+echo VALID_UUID4 > conf/uuid
+echo VALID_HMAC_KEY > conf/key
+~~~~
+
 ## D4 core server
-D4 core server is a complete server to handle clients (sensors) including the decapsulation of the [D4 protocol](https://github.com/D4-project/architecture/tree/master/format), control of
-sensor registrations, management of decoding protocols and dispatching to adequate decoders/analysers.
+D4 core server is a complete server to handle clients (sensors) including the decapsulation of the [D4 protocol](https://github.com/D4-project/architecture/tree/master/format), control of sensor registrations, management of decoding protocols and dispatching to adequate decoders/analysers.
 ### Requirements
@@ -76,7 +97,6 @@ sensor registrations, management of decoding protocols and dispatching to adequa
 ### Installation
-
 - [Install D4 Server](https://github.com/D4-project/d4-core/tree/master/server)
 ### D4 core server Screenshots
diff --git a/server/README.md b/server/README.md
index 5ed2c1b..36d0080 100644
--- a/server/README.md
+++ b/server/README.md
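Review bot: The registration example added in the first README.md hunk calls `curl -k`, so certificate verification is switched off on the one request that carries both the API token and the sensor's HMAC key. That is tolerable against a self-signed loopback test instance, but the text should say so, or show `--cacert <path-to-root-CA>` instead, because the command will be copied for remote servers. The block also never says how to produce `VALID_HMAC_KEY`. A hint to generate it locally from a CSPRNG (for example `openssl rand -hex 32`, with the length and format the server accepts still to be confirmed) and to create the UUID with `uuidgen` rather than on a website would avoid guessable or third-party-generated values. After `echo VALID_HMAC_KEY > conf/key` I would add `chmod 600 conf/key` so the key file is not readable by other local users.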
@@ -15,11 +15,24 @@ sensor registrations, management of decoding protocols and dispatching to adequa
 ### Installation
 ###### Install D4 server
+
+Clone the repository and install necessary packages. Installation requires *sudo* permissions.
+
 ~~~~
+git clone https://github.com/D4-project/d4-core.git
+cd d4-core
 cd server
 ./install_server.sh
 ~~~~
-Create or add a pem in [d4-core/server](https://github.com/D4-project/d4-core/tree/master/server) :
+
+When the installation is finished, scroll back to where `+ ./create_default_user.py` is displayed. The next lines contain the default generated user and should resemble the snippet below. Take a temporary note of the password, you are required to **change the password** on first login.
+~~~~
+new user created: admin@admin.test
+password:
+token:
+~~~~
+
+Then create or add a pem in [d4-core/server](https://github.com/D4-project/d4-core/tree/master/server) :
 ~~~~
 cd gen_cert
 ./gen_root.sh
@@ -27,7 +40,6 @@ cd gen_cert
 cd ..
 ~~~~
-
 ###### Launch D4 server
 ~~~~
 ./LAUNCH.sh -l
@@ -35,6 +47,14 @@ cd ..
 The web interface is accessible via `http://127.0.0.1:7000/`
+If you cannot access the web interface on localhost (for example because the system is running on a remote host), then stop the server, change the listening host IP and restart the server. In the below example it's changed to `0.0.0.0` (all interfaces). Make sure that the IP is not unintentionally publicly exposed.
+
+~~~~
+./LAUNCH.sh -k
+sed -i '/\[Flask_Server\]/{:a;N;/host = 127\.0\.0\.1/!ba;s/host = 127\.0\.0\.1/host = 0.0.0.0/}' configs/server.conf
+./LAUNCH.sh -l
+~~~~
+
 ### Updating web assets
 To update javascript libs run:
 ~~~~
@@ -46,7 +66,6 @@ cd web
 [API Documentation](https://github.com/D4-project/d4-core/tree/master/server/documentation/README.md)
-
 ### Notes
 - All server logs are located in ``d4-core/server/logs/``
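Review bot: The paragraph added in the first server/README.md hunk tells the reader to note the password but says nothing about the `token:` value printed right below it. That value is presumably the one the top-level README sends in the `Authorization` header. Both values stay in terminal scrollback and in any captured install output (CI logs, `script`, tmux history), so I would append a sentence such as `Treat the token as a credential as well and clear or protect any saved installer output.` Whether the token is rotated when the password is changed cannot be seen from this diff; the text should state it either way.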
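Review bot: The `sed` example in the `@@ -35,6 +47,14 @@` hunk rebinds the Flask server to `0.0.0.0`, while the context line just above still gives the URL as `http://` and the top-level README registers sensors over `https://` on the same port. The README should state which scheme is actually served, since over plain HTTP the admin login and API token would cross the network unprotected once the listener is no longer loopback-only. For the remote-host case, forwarding the loopback port over SSH or binding to one specific management address avoids the all-interfaces listener. If `0.0.0.0` stays as the example, I would add `Change the default admin password first and restrict port 7000 with a host firewall.` next to the existing exposure warning.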
@@ -85,3 +104,7 @@ Run the following command as root:
 ~~~~
 aa-complain /usr/sbin/tcpdump
 ~~~~
+
+###### WARNING - Not registered UUID=UUID4, connection closed
+
+This happens after you have registered a new sensor, but have not approved the registration. In order to approve the sensor, go in the web interface to **Server Management**, and click **Pending Sensors**.
\ No newline at end of file
diff --git a/server/lib/Sensor.py b/server/lib/Sensor.py
index 0cad0ef..3a8fc32 100755
--- a/server/lib/Sensor.py
+++ b/server/lib/Sensor.py
@@ -90,7 +90,7 @@ def register_sensor(req_dict):
 sensor_uuid = sensor_uuid.replace('-', '')
 # sensor already exist
 if r_serv_db.exists('metadata_uuid:{}'.format(sensor_uuid)):
- return ({"status": "error", "reason": "Sensor already registred"}, 409)
+ return ({"status": "error", "reason": "Sensor already registered"}, 409)
 # hmac key
 if not hmac_key:
diff --git a/server/server.py b/server/server.py
index 361abe5..447a888 100755
--- a/server/server.py
+++ b/server/server.py
@@ -144,10 +144,10 @@ def extract_ip(ip_string):
 return ip_string
 def server_mode_registration(header_uuid):
- # only accept registred uuid
+ # only accept registered uuid
 if server_mode == 'registration':
 if not redis_server_metadata.sismember('registered_uuid', header_uuid):
- error_msg = 'Not registred UUID={}, connection closed'.format(header_uuid)
+ error_msg = 'Not registered UUID={}, connection closed'.format(header_uuid)
 print(error_msg)
 logger.warning(error_msg)
 #redis_server_metadata.hset('metadata_uuid:{}'.format(data_header['uuid_header']), 'Error', 'Error: This UUID is temporarily blacklisted')