...
All items in CAPITALS should be substituted with actual specific values.
Make sure your server package list is up to date (you may need to reboot if you install a kernel update).
Code Block | ||
---|---|---|
| ||
apt-get update && apt-get upgrade |
There are a few variables you should note down (they will be used later on).
...
Code Block | ||
---|---|---|
| ||
apt-get install mysql-server |
Install Apache, PHP, SNMP, zip and Nmap.the other required packages
Code Block | ||
---|---|---|
| ||
apt-get install -q -y apache2 libapache2-mod-proxy-html libapache2-mod-php5 openssh-server php5 php5-ldap php5-mcrypt php5-mysql php5-snmp nmap snmp zip chkconfig daemon daemon wget curl sshpass screen samba-client |
We also need to install winexe. It is not in repositories, but available for most distributions via the SuSe Build Service. Go to the URL http://download.opensuse.org/repositories/home:/ahajda:/winexe/ and download the relevant package for your distribution. Install it using "sudo dpkg -i PACKAGENAME" and you should be good to go.
Open-AudIT uses Nmap for discovery, sshpass for Linux auditing and screen / samba-client / winexe for Windows auditing.
Discovery will not work without these packages installed.
Configure PHP (substituting $TIMEZONE from above).
Code Block | ||
---|---|---|
| ||
sed -i -e 's/memory_limit/;memory_limit/g' /etc/php5/apache2/php.ini echo "memory_limit = 512M" >> /etc/php5/apache2/php.ini sed -i -e 's/max_execution_time/;max_execution_time/g' /etc/php5/apache2/php.ini echo "max_execution_time = 300" >> /etc/php5/apache2/php.ini sed -i -e 's/max_input_time/;max_input_time/g' /etc/php5/apache2/php.ini echo "max_input_time = 600" >> /etc/php5/apache2/php.ini sed -i -e 's/error_reporting/;error_reporting/g' /etc/php5/apache2/php.ini echo "error_reporting = E_ALL" >> /etc/php5/apache2/php.ini sed -i -e 's/display_errors/;display_errors/g' /etc/php5/apache2/php.ini echo "display_errors = On" >> /etc/php5/apache2/php.ini sed -i -e 's/upload_max_filesize/;upload_max_filesize/g' /etc/php5/apache2/php.ini echo "upload_max_filesize = 10M" >> /etc/php5/apache2/php.ini # Get a valid datdate/time string from http://www.php.net/manual/en/timezones.php sed -i -e 's/date.timezone/;date.timezone/g' /etc/php5/apache2/php.ini echo "date.timezone = $TIMEZONE" >> /etc/php5/apache2/php.ini |
Set the server name (substituting $HOSTNAME from above) for Apache, enable mod-proxy and restart
Code Block | ||
---|---|---|
| ||
echo "ServerName $HOSTNAME" >> /etc/apache2/apache2.conf
a2enmod proxy_http
service apache2 restart |
Set the SUID for the nmap binary (so we can use the apache front end to run scripts which call nmap).
...