MISP/app
noud 98a2df0280 Import Whitelist
if Import Whitelist item has regex and no replacement, then do not allow
an attribute having value the regex and do not allow events having info
conform that regex.
2012-12-04 08:51:27 +01:00
Config input regex 2012-11-30 13:52:09 +01:00
Console
Controller Import Whitelist 2012-12-04 08:51:27 +01:00
Lib
Locale/eng/LC_MESSAGES
Model Import Whitelist 2012-12-04 08:51:27 +01:00
Plugin Import Whitelist 2012-12-04 08:51:27 +01:00
Vendor
View Import Whitelist 2012-12-04 08:51:27 +01:00
files
technical_design
tmp
webroot Changes to the manual 2012-11-30 15:26:28 +01:00
.htaccess
BUGS.txt
LICENSE
MYSQL.correlation.sql
MYSQL.event.sql
MYSQL.private.sql
MYSQL.role.sql
MYSQL.servers.sql
MYSQL.txt input regex 2012-11-30 13:52:09 +01:00
MYSQL.whitelist.sql
README.sysop.txt
README.txt
README.ubuntu.txt
README.vhost.txt
index.php

README.txt

                                                                     
TODOs v0.2.2 to v0.2.3
-----

DB Update
- UpdateShell with in/out

Auth
- Prevent brute-force auth attempts

Acl
- inactive buttons
	- must be non-clickable.
	- JavaScript include.
	- DOM read and disable button_offXX.
- clean-up to first cut.
	- saveAcl, from GroupsController to AppController and inherit to *Controllers.

auditing/logging system
- logins
	- add source IP (headers,...);
	- failed logins.

Security
- force cookie reset after login


INSTALLATION INSTRUCTIONS
-------------------------
Install the following libraries:
apt-get install zip
apt-get install php-pear
pear install Crypt_GPG    # need version >1.3.0 
pear install Net_GeoIP
# ideally make sure geoip database is updated using crontab
#wget 'http://geolite.maxmind.com/download/geoip/database/GeoLiteCountry/GeoIP.dat.gz'
#gunzip GeoIP.dat.gz


TODO rewrite instructions using git clones and git submodules

# Download CakePHP from github
cd /opt/
git clone https://github.com/cakephp/cakephp.git
chmod -R 755 /opt/cakephp


# Download CyDefSIG using git in the /var/www/ directory. 
cd /var/www/
git clone git@code.lab.modiss.be:cydefsig.git 


# Check if the permissions are set correctly using the following commands as root:
chown -R <user>:www-data /var/www/cydefsig
chmod -R 750 /var/www/cydefsig
chmod -R g+s /var/www/cydefsig
cd /var/www/cydefsig/app/
chmod -R g+w tmp
chmod -R g+w files

# Import the empty MySQL database in /var/www/cydefsig/app/MYSQL.txt using phpmyadmin or mysql>.

# Now configure your apache server with the DocumentRoot /var/www/cydefsig/app/webroot/


# Configure the fields in the files:
database.php : login, port, password, database
bootstrap.php: CyDefSIG.*, GnuPG.*
core.php : debug, 
webroot/index.php : CAKE_CORE_INCLUDE_PATH   (optional for multi-cydefsig installations)

# Generate a GPG encryption key.
mkdir /var/www/cydefsig/.gnupg
chown www-data:www-data /var/www/cydefsig/.gnupg
chmod 700 /var/www/cydefsig/.gnupg
sudo -u www-data gpg --homedir /var/www/cydefsig/.gnupg --gen-key

# And export the public key to the webroot (absolute paths, so the working directory does not matter)
sudo -u www-data gpg --homedir /var/www/cydefsig/.gnupg --export --armor no-reply > /var/www/cydefsig/app/webroot/gpg.asc

# Create the Role Based Access Control (RBAC) tables and content:
cd /var/www/cydefsig/app
./Console/cake schema create DbAcl
./Console/cake acl create aco root controllers
./Console/cake AclExtras.AclExtras aco_sync
./Console/cake populate0_2_3


Now log in using the web interface:
The default user/pass = admin@admin.test/admin

Don't forget to change the email, password and authentication key after installation.
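
Added example, not part of the original README: a shell function that checks the ownership and modes the permission and GnuPG steps above are meant to leave behind. The function name audit_cydefsig_perms is hypothetical, its defaults are the README's paths and www-data user/group, and it assumes GNU find and being run as root.

```sh
#!/bin/sh
# Added example (not from the README): audit the modes set by the install steps.
# Assumes GNU find (-perm /MODE). Arguments default to the README's values:
#   $1 install root, $2 web server group, $3 owner of the GnuPG home.
audit_cydefsig_perms() {
    root="${1:-/var/www/cydefsig}"
    web_group="${2:-www-data}"
    gpg_owner="${3:-www-data}"
    gpg_home="$root/.gnupg"
    rc=0
    report() { echo "FAIL: $1"; rc=1; }

    [ -d "$root" ] || { report "$root is not a directory"; return 1; }

    # chown step: the tree belongs to the web server's group.
    grp=$(ls -ld "$root" | awk '{print $4}')
    [ "$grp" = "$web_group" ] || report "$root has group $grp, expected $web_group"

    # chmod -R 750: nothing in the tree is accessible to "other".
    n=$(find "$root" -perm /007 | wc -l)
    [ "$n" -eq 0 ] || report "$n path(s) under $root grant access to other"

    # chmod -R g+s: directories carry setgid so new files inherit the group.
    n=$(find "$root" -path "$gpg_home" -prune -o -type d ! -perm -2000 -print | wc -l)
    [ "$n" -eq 0 ] || report "$n directories under $root lack setgid"

    # chmod -R g+w tmp files: the web server can write there.
    for d in app/tmp app/files; do
        if [ ! -d "$root/$d" ] || [ -n "$(find "$root/$d" ! -perm -020)" ]; then
            report "$root/$d is missing or not fully group-writable"
        fi
    done

    # .gnupg holds the private key: owned by the web user, mode 700.
    if [ -d "$gpg_home" ]; then
        own=$(ls -ld "$gpg_home" | awk '{print $3}')
        [ "$own" = "$gpg_owner" ] || report "$gpg_home owned by $own, expected $gpg_owner"
        n=$(find "$gpg_home" -perm /077 | wc -l)
        [ "$n" -eq 0 ] || report "$n path(s) in $gpg_home are group/other accessible"
    else
        report "$gpg_home is missing"
    fi
    return "$rc"
}
```

Call it with no arguments on a default install; it prints one FAIL line per finding and returns non-zero if any check fails.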



UPDATE INSTRUCTIONS
-------------------

To be sure, dump your database before updating.

CyDefSIG from 0.2.2 to 0.2.3 needs a database migration and population.
This is done by executing /var/www/cydefsig/app/Console/shell/migrate-0.2.2-0.2.3.sh
and answering (y)es to all the questions asked. Afterward, run http://<host>:<port>/events/migratemisp11to2.



Recommended patches
-------------------
By default CakePHP exposes its name and version in email headers. Apply a patch to remove this behavior.

Multiple instances on a single server
-------------------------------------
If you want to install multiple instances on a single server, extract the CakePHP sources 
in a central location like /opt/cakephp.
 
Then edit /var/www/cydefsig/app/webroot/index.php and change:
	define('CAKE_CORE_INCLUDE_PATH', '/opt/cakephp/lib');