MISP/app
Christophe Vandeplas 33df513f11 fix document-root location (security) 2012-08-31 09:06:29 +02:00
..
Config Sync. 2012-08-29 13:11:00 +02:00
Console Merge branch 'develop' of code.lab.modiss.be:cydefsig into develop_0.2.2_fixes 2012-07-02 17:11:38 +02:00
Controller Merge branch 'master' of code.lab.modiss.be:cydefsig 2012-08-30 10:59:07 +02:00
Lib Migration to CakePHP 2.1. 2012-03-15 15:06:45 +01:00
Locale/eng/LC_MESSAGES Migration to CakePHP 2.1. 2012-03-15 15:06:45 +01:00
Model Sync. 2012-08-28 15:36:14 +02:00
Plugin Revert "Audit and ACL first cut." 2012-06-26 09:40:52 +02:00
Vendor Migration to CakePHP 2.1. 2012-03-15 15:06:45 +01:00
View Merge branch 'master' of code.lab.modiss.be:cydefsig 2012-08-30 10:59:07 +02:00
files Implemented file-upload of attachment or password protected 2012-03-23 20:04:22 +01:00
tmp Migration to CakePHP 2.1. 2012-03-15 15:06:45 +01:00
webroot Sync. 2012-08-29 13:11:00 +02:00
.htaccess Migration to CakePHP 2.1. 2012-03-15 15:06:45 +01:00
BUGS.txt Extra bug. 2012-08-24 14:10:20 +02:00
LICENSE Print Cascading Stylesheets and minor layout fixes 2012-03-25 15:02:15 +02:00
MYSQL.correlation.sql Correlation performance gain. 2012-08-03 12:00:16 +02:00
MYSQL.servers.sql Sync. 2012-08-29 08:40:25 +02:00
MYSQL.txt database schema 2012-08-30 16:33:12 +02:00
MYSQL.whitelist.sql Whitelist. 2012-08-06 10:42:46 +02:00
README.txt Revert "Audit and ACL first cut." 2012-06-26 09:40:52 +02:00
README.vhost.txt fix document-root location (security) 2012-08-31 09:06:29 +02:00
index.php Migration to CakePHP 2.1. 2012-03-15 15:06:45 +01:00

README.txt

                                                                     

TODOs
-----

Auth
- Prevent bruteforce auth attempts

implement auditing/logging system
- add / edit events and signatures
- failed / success logins (with source IP, headers,...)

Security
- force cookie reset after login


INSTALLATION INSTRUCTIONS
-------------------------
Install the following libraries:
apt-get install zip
apt-get install pear
pear install Crypt_GPG    # need version >1.3.0 
pear install Net_GeoIP
# ideally make sure geoip database is updated using crontab
#wget 'http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz'
#gunzip GeoIP.dat.gz


TODO rewrite instructions using git clones and git submodules

# Download CakePHP from github
cd /opt/
git pull https://github.com/cakephp/cakephp.git
chmod -R 755 /opt/cakephp


# Download CyDefSIG using git in the /var/www/ directory. 
cd /var/www/
git clone git@code.lab.modiss.be:cydefsig.git 


# Check if the permissions are set correctly using the following commands as root:
chown -R <user>:www-data /var/www/cydefsig
chmod -R 750 /var/www/cydefsig
chmod -R g+s /var/www/cydefsig
cd /var/www/cydefsig/app/
chmod -R g+w tmp
chmod -R g+w files

# Import the empty MySQL database in /var/www/cydefsig/app/MYSQL.txt using phpmyadmin or mysql>.

# Now configure your apache server with the DocumentRoot /var/www/cydefsig/app/webroot/


# Configure the fields in the files:
database.php : login, port, password, database
bootstrap.php: CyDefSIG.*, GnuPG.*
core.php : debug, 
webroot/index.php : CAKE_CORE_INCLUDE_PATH   (optional for multi-cydefsig installations)

# Generate a GPG encryption key.
mkdir /var/www/cydefsig/.gnupg
chown www-data:www-data /var/www/cydefsig/.gnupg
chmod 700 /var/www/cydefsig/.gnupg
sudo -u www-data gpg --homedir /var/www/cydefsig/.gnupg --gen-key

# And export the public key to the webroot
sudo -u www-data gpg --homedir .gnupg --export --armor no-reply > app/webroot/gpg.asc



Now log in using the webinterface:
The default user/pass = admin@admin.test/admin 

Don't forget to change the email, password and authentication key after installation.



Recommended patches
-------------------
By default CakePHP exposes his name and version in email headers. Apply a patch to remove this behavior.

Multiple instances on a single server
-------------------------------------
If you want to install multiple instances on a single server, extract the CakePHP sources 
in a central location like /opt/cakephp.
 
Then edit /var/www/cydefsig/app/webroot/index.php and change :
	define('CAKE_CORE_INCLUDE_PATH', '/opt/cakephp/lib');