MISP
/
MISP
mirror of https://github.com/MISP/MISP
2
2
Fork 0
Code Issues Releases Wiki Activity
MISP/INSTALL/INSTALL.txt

142 lines
4.1 KiB
Plaintext
Executable File
Raw Blame History

INSTALLATION INSTRUCTIONS
------------------------- for ubuntu 12.04-server
# steps 2 (besides acquiring git), 4, 5 can be skipped by running INSTALL.SH
# The correct order in this case is 1/, apt get git, 3/ and then executing INSTALL.SH in /var/www/MISP/INSTALL/INSTALL.SH
1/ Minimal ubuntu install
-------------------------
Install a minimal ubuntu 12.04-server system with the software:
- OpenSSH server
- LAMP server
- Mail server
You will get some questions, you will probably want to set:
- Postfix Configuration: Satellite system
Make sure your system is up2date:
apt-get update
apt-get upgrade
2/ Dependencies *
----------------
Once the system is installed you can perform the following steps as root:
# Because vim is just so practical
apt-get install vim
# Install the dependencies:
apt-get install zip php-pear git redis-server
pear install Crypt_GPG # we need version >1.3.0
pear install Net_GeoIP
# (for Red Hat users, you will have to install Redis manually, http://redis.io/download)
3/ MISP code
------------
# Download MISP using git in the /var/www/ directory.
cd /var/www/
git clone https://github.com/MISP/MISP.git
# Make git ignore filesystem permission differences
cd /var/www/MISP
git config core.filemode false
4/ CakePHP (and CakeResque)
-----------
# CakePHP is now included as a submodule of MISP, execute the following commands to let git fetch it:
git submodule init
git submodule update
# Once done, install the dependencies of CakeResque if you intend to use the built in background jobs:
cd /var/www/MISP/app/Plugin/CakeResque
curl -s https://getcomposer.org/installer | php
php composer.phar install
5/ Set the permissions
----------------------
# Check if the permissions are set correctly using the following commands as root:
chown -R www-data:www-data /var/www/MISP
chmod -R 750 /var/www/MISP
cd /var/www/MISP/app/
chmod -R g+ws tmp
chmod -R g+ws files
Red Hat users: Keep in mind that your apache user is called apache, not www-data
6/ Create a database and user
-----------------------------
# Enter the mysql shell
mysql -u root -p
mysql> create database misp;
mysql> grant usage on *.* to misp@localhost identified by 'XXXXXXXXX';
mysql> grant all privileges on misp.* to misp@localhost ;
mysql> exit
# Import the empty MySQL database from MYSQL.sql
mysql -u misp -p<password> misp < INSTALL/MYSQL.sql
7/ Apache configuration
-----------------------
# Now configure your apache server with the DocumentRoot /var/www/MISP/app/webroot/
# A sample ghost can be found in /var/www/MISP/INSTALL/apache.misp
cp /var/www/MISP/INSTALL/apache.misp /etc/apache2/sites-available/misp
a2dissite default
a2ensite misp
# Enable modules
a2enmod rewrite
# Restart apache
service apache2 reload
# We seriously recommend using only SSL !
# Check out the apache.misp.ssl file for an example
8/ MISP configuration
---------------------
# Configure the fields in the files located in /var/www/MISP/app/Config/:
database.php : login, port, password, database
bootstrap.php: MISP.*, GnuPG.*
core.php : debug, Security.*
# and make sure the file permissions are still OK
chown -R www-data:www-data /var/www/MISP/app/Config
chmod -R 750 /var/www/MISP/app/Config
# Generate a GPG encryption key.
mkdir /var/www/MISP/.gnupg
chown www-data:www-data /var/www/MISP/.gnupg
chmod 700 /var/www/MISP/.gnupg
sudo -u www-data gpg --homedir /var/www/MISP/.gnupg --gen-key
# Recommended key type: RSA (sign only)
# The email address should match the one set int he bootstrap.php configuration file
# And export the public key to the webroot
sudo -u www-data gpg --homedir /var/www/MISP/.gnupg --export --armor YOUR-EMAIL > /var/www/MISP/app/webroot/gpg.asc
Now log in using the webinterface:
The default user/pass = admin@admin.test/admin
Don't forget to change the email, password and authentication key after installation.
Recommended actions
-------------------
- By default CakePHP exposes his name and version in email headers. Apply a patch to remove this behavior.
- You should really harden your OS
- You should really harden the configuration of Apache
- You should really harden the configuration of MySQL
- Keep your software up2date (MISP, CakePHP and everything else)
- Log and audit
Reference in New Issue View Git Blame Copy Permalink