- Added more automation to install procedure

2018-06-16 00:13:58 +09:00 · 2018-06-16 00:13:58 +09:00 · fdf066955c
parent aca922be1a
commit fdf066955c
1 changed files with 40 additions and 12 deletions
--- a/INSTALL/INSTALL.debian_testing.txt
+++ b/INSTALL/INSTALL.debian_testing.txt
@ -39,17 +39,17 @@ sudo postfix reload
 Once the system is installed you can perform the following steps:

 # Install the dependencies: (some might already be installed)
-sudo apt-get install curl gcc git gnupg-agent make python openssl redis-server neovim zip libyara-dev python3-yara
+sudo apt-get install -y curl gcc git gnupg-agent make python openssl redis-server neovim zip libyara-dev python3-yara python3-redis python-redis python-zmq python3-zmq
 sudo ln -s /usr/lib/x86_64-linux-gnu/libyara.so.3.7.1 /usr/lib/libyara.so

 # Install MariaDB (a MySQL fork/alternative)
-sudo apt-get install mariadb-client mariadb-server
+sudo apt-get install -y mariadb-client mariadb-server

 # Secure the MariaDB installation (especially by setting a strong root password)
 sudo mysql_secure_installation

 # Install Apache2
-sudo apt-get install apache2 apache2-doc apache2-utils
+sudo apt-get install -y apache2 apache2-doc apache2-utils

 # Enable modules, settings, and default of SSL in Apache
 sudo a2dismod status
@ -83,22 +83,19 @@ sudo -u www-data git clone https://github.com/MISP/MISP.git /var/www/MISP
 sudo -u www-data git config core.filemode false

 # install Mitre's STIX and its dependencies by running the following commands:
-sudo apt-get install python3-dev python3-pip libxml2-dev libxslt1-dev zlib1g-dev python-setuptools
+sudo apt-get install python3-dev python3-pip python-pip libxml2-dev libxslt1-dev zlib1g-dev python-setuptools
 cd /var/www/MISP/app/files/scripts
 sudo -u www-data git clone https://github.com/CybOXProject/python-cybox.git
 sudo -u www-data git clone https://github.com/STIXProject/python-stix.git
 cd /var/www/MISP/app/files/scripts/python-cybox
-sudo -u www-data git checkout v2.1.0.12
 sudo python3 setup.py install
 cd /var/www/MISP/app/files/scripts/python-stix
-sudo -u www-data git checkout v1.1.1.4
 sudo python3 setup.py install

 # install mixbox to accomodate the new STIX dependencies:
 cd /var/www/MISP/app/files/scripts/
 sudo -u www-data git clone https://github.com/CybOXProject/mixbox.git
 cd /var/www/MISP/app/files/scripts/mixbox
-sudo -u www-data git checkout v1.0.2
 sudo python3 setup.py install

 4/ CakePHP
@ -139,11 +136,13 @@ sudo chmod -R g+ws /var/www/MISP/app/files/scripts/tmp
 # Enter the mysql shell
 sudo mysql -u root -p

+```
 MariaDB [(none)]> create database misp;
 MariaDB [(none)]> grant usage on *.* to misp@localhost identified by 'XXXXdbpasswordhereXXXXX';
 MariaDB [(none)]> grant all privileges on misp.* to misp@localhost;
 MariaDB [(none)]> flush privileges;
 MariaDB [(none)]> exit
+```

 # Import the empty MISP database from MYSQL.sql
 sudo -u www-data sh -c "mysql -u misp -p misp < /var/www/MISP/INSTALL/MYSQL.sql"
@ -169,7 +168,8 @@ sudo openssl req -newkey rsa:4096 -days 365 -nodes -x509 \
 # Otherwise, copy the SSLCertificateFile, SSLCertificateKeyFile, and SSLCertificateChainFile to /etc/ssl/private/. (Modify path and config to fit your environment)

 ============================================= Begin sample working SSL config for MISP
-<VirtualHost <IP, FQDN, or *>:80>
+<VirtualHost _default_:80>
+        ServerAdmin admin@<your.FQDN.here>
        ServerName <your.FQDN.here>

        Redirect permanent / https://<your.FQDN.here>
@ -180,13 +180,14 @@ sudo openssl req -newkey rsa:4096 -days 365 -nodes -x509 \
        ServerSignature Off
 </VirtualHost>

-<VirtualHost <IP, FQDN, or *>:443>
+<VirtualHost _default_:443>
        ServerAdmin admin@<your.FQDN.here>
        ServerName <your.FQDN.here>
        DocumentRoot /var/www/MISP/app/webroot
        <Directory /var/www/MISP/app/webroot>
                Options -Indexes
                AllowOverride all
+                Require all granted
                Order allow,deny
                allow from all
        </Directory>
@ -256,8 +257,9 @@ sudo -u www-data vim /var/www/MISP/app/Config/database.php
 # delete the user from mysql and log in again using the default admin credentials (admin@admin.test / admin)
 # e.g. https://pythontips.com/2013/07/28/generating-a-random-string/

-# Change base url in config.php
-sudo -u www-data vim /var/www/MISP/app/Config/config.php
+# Change base url
+sudo /var/www/MISP/app/Console/cake Baseurl ""
+
 # example: 'baseurl' => 'https://<your.FQDN.here>',
 # alternatively, you can leave this field empty if you would like to use relative pathing in MISP
 # 'baseurl' => '',
@ -283,6 +285,31 @@ then
    sudo chmod u+x /etc/rc.local
 fi

+# Initialize user and fetch Auth Key
+sudo -E /var/www/MISP/app/Console/cake userInit -q
+AUTH_KEY=$(mysql -u $DBUSER_MISP -p$DBPASSWORD_MISP misp -e "SELECT authkey FROM users;" | tail -1)
+
+# Update: galaxies, taxonomies, warning-/notice-lists, object templates
+
+curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -o /dev/null -s -X POST http://127.0.0.1/galaxies/update
+curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -o /dev/null -s -X POST http://127.0.0.1/taxonomies/update
+curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -o /dev/null -s -X POST http://127.0.0.1/warninglists/update
+curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -o /dev/null -s -X POST http://127.0.0.1/noticelists/update
+curl --header "Authorization: $AUTH_KEY" --header "Accept: application/json" --header "Content-Type: application/json" -o /dev/null -s -X POST http://127.0.0.1/objectTemplates/update
+
+# Setup some more MISP default via cake CLI
+
+sudo /var/www/MISP/app/Console/cake Admin setSetting "GnuPG.email" "admin@admin.test"
+sudo /var/www/MISP/app/Console/cake Admin setSetting "GnuPG.homedir" "/var/www/MISP/.gnupg"
+sudo /var/www/MISP/app/Console/cake Admin setSetting "MISP.host_org_id" 1
+sudo /var/www/MISP/app/Console/cake Admin setSetting "MISP.email" "info@admin.test"
+sudo /var/www/MISP/app/Console/cake Admin setSetting "MISP.disable_emailing" true
+sudo /var/www/MISP/app/Console/cake Admin setSetting "MISP.contact" "info@admin.test"
+sudo /var/www/MISP/app/Console/cake Admin setSetting "MISP.disablerestalert" true
+sudo /var/www/MISP/app/Console/cake Admin setSetting "MISP.showCorrelationsOnIndex" true
+sudo /var/www/MISP/app/Console/cake Admin setSetting "Session.autoRegenerate" false
+sudo /var/www/MISP/app/Console/cake Admin setSetting "Session.timeout" 600
+sudo /var/www/MISP/app/Console/cake Admin setSetting "Session.cookie_timeout" 3600

 # Now log in using the webinterface:
 # The default user/pass = admin@admin.test/admin
@ -333,7 +360,7 @@ sudo sed -i -e '$i \sudo -u www-data misp-modules -l 0.0.0.0 -s &\n' /etc/rc.loc
 sudo sed -i -e '$i \sudo -u www-data bash /var/www/misp-dashboard/start_all.sh\n' /etc/rc.local

 # Installing MISP modules…
-sudo apt-get install -y python3-dev python3-pip libpq5 libjpeg-dev libfuzzy-dev
+sudo apt-get install -y python3-dev python3-pip python-pip libpq5 libjpeg-dev libfuzzy-dev
 cd /usr/local/src/
 sudo git clone https://github.com/MISP/misp-modules.git
 cd misp-modules
@ -341,6 +368,7 @@ cd misp-modules
 sudo pip3 install -I -r REQUIREMENTS
 sudo pip3 install -I .
 sudo pip3 install lief
+sudo pip3 install maec
 sudo pip3 install pymisp python-magic
 sudo pip3 install git+https://github.com/kbandla/pydeep.git
 # pip2 install