MISP/app
noud 5818231f48 Audit and ACL first cut. 2012-06-25 15:54:52 +02:00
Config Audit and ACL first cut. 2012-06-25 15:54:52 +02:00
Console Migration to CakePHP 2.1. 2012-03-15 15:06:45 +01:00
Controller Audit and ACL first cut. 2012-06-25 15:54:52 +02:00
Lib Migration to CakePHP 2.1. 2012-03-15 15:06:45 +01:00
Locale/eng/LC_MESSAGES Migration to CakePHP 2.1. 2012-03-15 15:06:45 +01:00
Model Audit and ACL first cut. 2012-06-25 15:54:52 +02:00
Plugin Audit and ACL first cut. 2012-06-25 15:54:52 +02:00
Test Migration to CakePHP 2.1. 2012-03-15 15:06:45 +01:00
Vendor Migration to CakePHP 2.1. 2012-03-15 15:06:45 +01:00
View Audit and ACL first cut. 2012-06-25 15:54:52 +02:00
files Implemented file-upload of attachment or password protected 2012-03-23 20:04:22 +01:00
technical_design Audit and ACL first cut. 2012-06-25 15:54:52 +02:00
tmp Migration to CakePHP 2.1. 2012-03-15 15:06:45 +01:00
webroot Audit and ACL first cut. 2012-06-25 15:54:52 +02:00
.htaccess Migration to CakePHP 2.1. 2012-03-15 15:06:45 +01:00
LICENSE Print Cascading Stylesheets and minor layout fixes 2012-03-25 15:02:15 +02:00
MYSQL-groups.sql Audit and ACL first cut. 2012-06-25 15:54:52 +02:00
MYSQL-logs.sql Audit and ACL first cut. 2012-06-25 15:54:52 +02:00
MYSQL.txt implementation of a anti-brute-force password guessing mechanism. 2012-06-06 11:00:02 +02:00
README.txt Audit and ACL first cut. 2012-06-25 15:54:52 +02:00
README.ubuntu.txt Audit and ACL first cut. 2012-06-25 15:54:52 +02:00
index.php Migration to CakePHP 2.1. 2012-03-15 15:06:45 +01:00

README.txt

                                                                     
TODOs v0.2.2 to v0.2.3
-----

Auth
- Prevent bruteforce auth attempts

Acl
- inactive buttons
	- must be non-clickable.
	- JavaScript include.
	- DOM read and disable button_offXX.
- clean-up to first cut.
	- My Profile, Group, make non-link.
	- saveAcl, from GroupsController to AppController and inherit to *Controllers.

auditing/logging system
- Action, popup.
- Change, regex remove ', revision (1) => (2) '.
- logins
	- add source IP (headers,...);
	- failed logins.

Security
- force cookie reset after login


INSTALLATION INSTRUCTIONS
-------------------------
Install the following libraries:
apt-get install zip
apt-get install php-pear
pear install Crypt_GPG    # need version >1.3.0 

TODO rewrite instructions using git clones and git submodules


Download CyDefSIG using git in the /var/www/ directory. 

cd /var/www/
git clone git@code.lab.modiss.be:cydefsig.git

Download and extract CakePHP 2.x to the web root directory:

cd /tmp/
wget https://nodeload.github.com/cakephp/cakephp/tarball/2.1
tar zxvf cakephp-cakephp-<version>.tar.gz
cd cakephp-cakephp-*

Now remove the app directory that ships with CakePHP and move everything else from the CakePHP tree to /var/www/cydefsig/:

rm -Rf app .gitignore 
mv * /var/www/cydefsig/
mv .??* /var/www/cydefsig/

TODO Install the CakePHP REST Plugin in the plugins directory
(https://github.com/kvz/cakephp-rest-plugin/tree/cake-2.0)
using git submodule.



Make sure the permissions are set correctly by running the following commands as root:

chown -R <user>:www-data /var/www/cydefsig
chmod -R 750 /var/www/cydefsig
chmod -R g+s /var/www/cydefsig
cd /var/www/cydefsig/app/
chmod -R g+w tmp
chmod -R g+w files
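
To confirm the result afterwards, the following added example (not part of the original README or of the CyDefSIG code) audits the tree against the scheme set by the commands above. The function name audit_install and its message texts are assumptions made for this example.

```sh
#!/bin/sh
# Added example, not part of CyDefSIG. audit_install is a hypothetical helper.
# Prints one line per deviation from the README's permission scheme and
# returns 0 when the tree is clean, 1 otherwise.
# Usage (as root): audit_install /var/www/cydefsig www-data
audit_install() {
    root=$1
    group=${2:-www-data}
    out=$(
        # chown -R <user>:www-data : everything belongs to the web server group.
        find "$root" ! -group "$group" -print | sed 's/^/wrong group: /'
        # chmod -R 750 : no permission bit for "other" (symlink modes are ignored).
        find "$root" ! -type l \( -perm -001 -o -perm -002 -o -perm -004 \) -print |
            sed 's/^/world-accessible: /'
        # chmod -R g+s : directories are setgid so new files inherit the group.
        find "$root" -type d ! -perm -2000 -print | sed 's/^/dir not setgid: /'
        # chmod -R g+w tmp files : the only places the web server may write.
        for d in tmp files; do
            if [ -d "$root/app/$d" ]; then
                find "$root/app/$d" ! -type l ! -perm -020 -print |
                    sed 's/^/not group-writable: /'
            else
                echo "missing directory: $root/app/$d"
            fi
        done
        # Everything else (code, config) must stay read-only for the group.
        find "$root" \( -path "$root/app/tmp" -o -path "$root/app/files" \) -prune \
            -o ! -type l -perm -020 -print | sed 's/^/group-writable code: /'
    )
    if [ -n "$out" ]; then
        printf '%s\n' "$out"
        return 1
    fi
    return 0
}
```

A non-zero return together with a "group-writable code" line means the web server account can modify application files outside app/tmp and app/files.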

Import the empty MySQL database from /var/www/cydefsig/app/MYSQL.txt using phpMyAdmin or the mysql> prompt.

Now configure your Apache server with the DocumentRoot /var/www/cydefsig/app/webroot/

Configure the fields in the files:
database.php : login, port, password, database
bootstrap.php: CyDefSIG.*, GnuPG.*
core.php : debug, 

Generate a GPG encryption key.
sudo -u www-data gpg --homedir /var/www/cydefsig/.gnupg --gen-key


Now log in using the web interface:
The default user/password is admin@admin.test / admin

Don't forget to change the email, password and authentication key after installation.



Recommended patches
-------------------
By default CakePHP exposes its name and version in email headers. Apply a patch to remove this behavior.