mirror of https://github.com/MISP/MISP
0f4a0dffea
During sync and correlation = db, an attachment or malware did not get processed into Attribute.data, so will not be synced. Now, conform other correlation methods being 'default' or 'sql' the attachment or malware is synced as well. (master has been synced with mil.be not using db correlation, so should have the data.) |
||
---|---|---|
.. | ||
Config | ||
Console | ||
Controller | ||
Lib | ||
Locale/eng/LC_MESSAGES | ||
Model | ||
Plugin | ||
Vendor | ||
View | ||
files | ||
tmp | ||
webroot | ||
.htaccess | ||
BUGS.txt | ||
LICENSE | ||
MYSQL.correlation.sql | ||
MYSQL.servers.sql | ||
MYSQL.txt | ||
MYSQL.whitelist.sql | ||
README.txt | ||
README.vhost.txt | ||
index.php |
README.txt
TODOs ----- Auth - Prevent bruteforce auth attempts implement auditing/logging system - add / edit events and signatures - failed / success logins (with source IP, headers,...) Security - force cookie reset after login INSTALLATION INSTRUCTIONS ------------------------- Install the following libraries: apt-get install zip apt-get install pear pear install Crypt_GPG # need version >1.3.0 pear install Net_GeoIP # ideally make sure geoip database is updated using crontab #wget 'http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz' #gunzip GeoIP.dat.gz TODO rewrite instructions using git clones and git submodules # Download CakePHP from github cd /opt/ git pull https://github.com/cakephp/cakephp.git chmod -R 755 /opt/cakephp # Download CyDefSIG using git in the /var/www/ directory. cd /var/www/ git clone git@code.lab.modiss.be:cydefsig.git # Check if the permissions are set correctly using the following commands as root: chown -R <user>:www-data /var/www/cydefsig chmod -R 750 /var/www/cydefsig chmod -R g+s /var/www/cydefsig cd /var/www/cydefsig/app/ chmod -R g+w tmp chmod -R g+w files # Import the empty MySQL database in /var/www/cydefsig/app/MYSQL.txt using phpmyadmin or mysql>. # Now configure your apache server with the DocumentRoot /var/www/cydefsig/app/webroot/ # Configure the fields in the files: database.php : login, port, password, database bootstrap.php: CyDefSIG.*, GnuPG.* core.php : debug, webroot/index.php : CAKE_CORE_INCLUDE_PATH (optional for multi-cydefsig installations) # Generate a GPG encryption key. mkdir /var/www/cydefsig/.gnupg chown www-data:www-data /var/www/cydefsig/.gnupg chmod 700 /var/www/cydefsig/.gnupg sudo -u www-data gpg --homedir /var/www/cydefsig/.gnupg --gen-key # And export the public key to the webroot sudo -u www-data gpg --homedir .gnupg --export --armor no-reply > app/webroot/gpg.asc Now log in using the webinterface: The default user/pass = admin@admin.test/admin Don't forget to change the email, password and authentication key after installation. Recommended patches ------------------- By default CakePHP exposes his name and version in email headers. Apply a patch to remove this behavior. Multiple instances on a single server ------------------------------------- If you want to install multiple instances on a single server, extract the CakePHP sources in a central location like /opt/cakephp. Then edit /var/www/cydefsig/app/webroot/index.php and change : define('CAKE_CORE_INCLUDE_PATH', '/opt/cakephp/lib');