This shows you the differences between two versions of the page.
— |
merge_kkline:install_notes [2008/07/31 11:12] (current) kkline created |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | BASIC INSTRUCTION ENSURE | ||
+ | MEET NEW PREREQUISITES | ||
+ | |||
+ | Will put together perl script / install script to test prerequisites long term. | ||
+ | |||
+ | $ perl -MCPAN -e shell | ||
+ | install DBI | ||
+ | install MIME::Lite | ||
+ | install Parallel::ForkManager | ||
+ | install Date::Calc | ||
+ | install Crypt::CBC | ||
+ | install MIME::Base64 | ||
+ | install IO::Socket | ||
+ | install POSIX | ||
+ | install Socket | ||
+ | install Crypt::Blowfish | ||
+ | install Net::IP; | ||
+ | install Net::Netmask | ||
+ | install Net::Nslookup | ||
+ | | ||
+ | Upload the Entire Struction | ||
+ | |||
+ | to /opt | ||
+ | |||
+ | Inprotect | ||
+ | bin | ||
+ | etc | ||
+ | html | ||
+ | install | ||
+ | sbin | ||
+ | tmp | ||
+ | usr | ||
+ | var | ||
+ | |||
+ | to /opt as /opt/Inprotect | ||
+ | |||
+ | next setup the following link | ||
+ | |||
+ | cd /opt/Inprotect/install | ||
+ | |||
+ | run ./install.pl as root | ||
+ | |||
+ | Install can provide the following: | ||
+ | a. This will overwrite setup the etc/inprotect.cfg and html/config.php | ||
+ | b. Create the Database and drop/create the tables and default values | ||
+ | c. Setup the Crontab | ||
+ | d. enable/disable local nessus-update-plugins | ||
+ | e. enable/disable ssl requirement per inprotect settings | ||
+ | f. add first nessus servers | ||
+ | g. Load Plugins | ||
+ | h. Create safe/full audit profiles. | ||
+ | |||
+ | So the system is fully ready for use after running install.pl | ||
+ | |||
+ | | ||
+ | Some additional checks to verify install as manual steps are as follows: | ||
+ | |||
+ | test launch the following perl scripts manually to ensure prerequisites are met. | ||
+ | |||
+ | /opt/Inprotect/sbin/updateplugins_1.00.pl | ||
+ | /opt/Inprotect/sbin/nessusCron_1.60.pl | ||
+ | |||
+ | next review root crontab to ensure it contains the following: | ||
+ | |||
+ | */30 * * * * /usr/sbin/ntpdate pool.ntp.org > /dev/null 2>&1 | ||
+ | |||
+ | |||
+ | 40 3 * * * /opt/Inprotect/sbin/updateplugins_1.00.pl | ||
+ | #*/1 * * * * /opt/Inprotect/sbin/port_scan.pl | ||
+ | |||
+ | */1 * * * * /opt/Inprotect/sbin/nessusCron_1.60.pl -s > /dev/null 2>&1 | ||
+ | # THE FOLLIWING CAN BE RUN WHEN COMPLIANCE AUDITS HAVE BEEN UPLOADED | ||
+ | # IT CAN BE RUN ONCE AFTER AN AUDIT FILE IS UPLOADED OR WHEN EVER AN AUDIT FILE CHANGES | ||
+ | # IT DOES NOT NEED TO BE RUN BY CRON BUT CAN BE IF YOU HAVE AUDIT FILES UNDER DEVELOPEMENT AND FREQUENTLY CHANGE | ||
+ | #*/15 * * * * /opt/Inprotect/sbin/import_auditsettings.pl -s > /dev/null 2>&1 | ||
+ | |||
+ | #LOGIN TO THE PORTAL | ||
+ | |||
+ | admin:password | ||
+ | |||
+ | Be sure to setup the following: | ||
+ | |||
+ | |||
+ | 1. Configure Interface Settings | ||
+ | 2. Setup a server ( if chose not to by install.pl ) | ||
+ | 3. Run updateplugins.pl ( if chose not to by install.pl ) | ||
+ | 4. Verify Plugins had imported | ||
+ | 5. Setup Zones | ||
+ | 6. Setup Profiles | ||
+ | |||
+ |