mirror of https://github.com/MISP/MISP
33df513f11
|
||
|---|---|---|
| .. | ||
| Config | ||
| Console | ||
| Controller | ||
| Lib | ||
| Locale/eng/LC_MESSAGES | ||
| Model | ||
| Plugin | ||
| Vendor | ||
| View | ||
| files | ||
| tmp | ||
| webroot | ||
| .htaccess | ||
| BUGS.txt | ||
| LICENSE | ||
| MYSQL.correlation.sql | ||
| MYSQL.servers.sql | ||
| MYSQL.txt | ||
| MYSQL.whitelist.sql | ||
| README.txt | ||
| README.vhost.txt | ||
| index.php | ||
README.txt
TODOs
-----
Auth
- Prevent bruteforce auth attempts
implement auditing/logging system
- add / edit events and signatures
- failed / success logins (with source IP, headers,...)
Security
- force cookie reset after login
INSTALLATION INSTRUCTIONS
-------------------------
Install the following libraries:
apt-get install zip
apt-get install pear
pear install Crypt_GPG # need version >1.3.0
pear install Net_GeoIP
# ideally make sure geoip database is updated using crontab
#wget 'http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz'
#gunzip GeoIP.dat.gz
TODO rewrite instructions using git clones and git submodules
# Download CakePHP from github
cd /opt/
git pull https://github.com/cakephp/cakephp.git
chmod -R 755 /opt/cakephp
# Download CyDefSIG using git in the /var/www/ directory.
cd /var/www/
git clone git@code.lab.modiss.be:cydefsig.git
# Check if the permissions are set correctly using the following commands as root:
chown -R <user>:www-data /var/www/cydefsig
chmod -R 750 /var/www/cydefsig
chmod -R g+s /var/www/cydefsig
cd /var/www/cydefsig/app/
chmod -R g+w tmp
chmod -R g+w files
# Import the empty MySQL database in /var/www/cydefsig/app/MYSQL.txt using phpmyadmin or mysql>.
# Now configure your apache server with the DocumentRoot /var/www/cydefsig/app/webroot/
# Configure the fields in the files:
database.php : login, port, password, database
bootstrap.php: CyDefSIG.*, GnuPG.*
core.php : debug,
webroot/index.php : CAKE_CORE_INCLUDE_PATH (optional for multi-cydefsig installations)
# Generate a GPG encryption key.
mkdir /var/www/cydefsig/.gnupg
chown www-data:www-data /var/www/cydefsig/.gnupg
chmod 700 /var/www/cydefsig/.gnupg
sudo -u www-data gpg --homedir /var/www/cydefsig/.gnupg --gen-key
# And export the public key to the webroot
sudo -u www-data gpg --homedir .gnupg --export --armor no-reply > app/webroot/gpg.asc
Now log in using the webinterface:
The default user/pass = admin@admin.test/admin
Don't forget to change the email, password and authentication key after installation.
Recommended patches
-------------------
By default CakePHP exposes his name and version in email headers. Apply a patch to remove this behavior.
Multiple instances on a single server
-------------------------------------
If you want to install multiple instances on a single server, extract the CakePHP sources
in a central location like /opt/cakephp.
Then edit /var/www/cydefsig/app/webroot/index.php and change :
define('CAKE_CORE_INCLUDE_PATH', '/opt/cakephp/lib');