...

```bash
yum -y install mysql mysql-server
chkconfig --levels 235 mysqld on
service mysqld start
```

When the mysqld service starts, you will likely see a reminder about setting a database root password; if you set one immediately, make sure that you note down the password for later. Alternatively, you can leave the database without a password until you configure Open-AudIT.

Install Apache

```bash
yum -y install httpd
chkconfig --levels 235 httpd on
service httpd start
```

Install PHP and the other required packages

```bash
yum -y install nano php php-cli php-mysql php-ldap php-mbstring php-mcrypt php-snmp php-xml nmap snmp zip curl wget sshpass screen samba-client
```

We also need to install winexe. It is not in the repositories, but it is available for most distributions via the SUSE Build Server. Go to the URL http://download.opensuse.org/repositories/home:/ahajda:/winexe/ and download the relevant package for your distribution. Install it using "yum install PACKAGENAME" and you should be good to go.

Open-AudIT uses Nmap for discovery, sshpass for Linux auditing and screen / samba-client / winexe for Windows auditing.

 Discovery will not work without these packages installed.

Disable SELinux

```bash
sed -i -e 's/SELINUX=/#SELINUX=/g' /etc/selinux/config
echo "SELINUX=disabled" >> /etc/selinux/config
setenforce 0
```

...

```bash
# Insert ACCEPT rules for HTTPS and HTTP directly after the *filter line,
# so they are evaluated before the stock REJECT rule.
sed -i 's/\*filter$/*filter\n-A INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT\n/' /etc/sysconfig/iptables
sed -i 's/\*filter$/*filter\n-A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT\n/' /etc/sysconfig/iptables
/etc/init.d/iptables restart
```

Configure PHP (substituting $TIMEZONE from above).

...

Set the SUID bit on the nmap binary (so we can use the Apache front end to run scripts which call nmap).

NOTE - This command will likely need to be re-run if Nmap is upgraded.

```bash
chmod u+s /usr/bin/nmap
```
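A check you can re-run after an Nmap upgrade or a firewall change, as an added example that is not part of the original page or of Open-AudIT: it reports whether the SUID bit is still set on nmap and whether a port's ACCEPT rule sits ahead of the catch-all REJECT in the iptables file. The function names `suid_state`, `port_allowed` and `sample_rules` are hypothetical, and the sample rules are constructed.

```bash
# Added example; function names are hypothetical, sample rules are constructed.

# Report the setuid state of a binary: missing | no-suid | suid-root | suid-nonroot
suid_state() {
    [ -e "$1" ] || { echo missing; return 0; }
    [ -u "$1" ] || { echo no-suid; return 0; }   # -u: setuid bit is set
    owner=$(ls -ldn "$1" | awk '{print $3}')     # numeric owner uid
    if [ "$owner" = 0 ]; then echo suid-root; else echo suid-nonroot; fi
}

# Succeed if FILE ($1) accepts TCP port $2 in the filter INPUT chain before a
# catch-all REJECT/DROP; iptables evaluates rules top-down, first match wins.
# Simplification: only single-port --dport rules are recognised.
port_allowed() {
    awk -v port="$2" '
        /^\*/ { in_filter = ($1 == "*filter") }
        !in_filter || $1 != "-A" || $2 != "INPUT" { next }
        $3 == "-j" && ($4 == "REJECT" || $4 == "DROP") { exit }
        {
            dport = ""; target = ""
            for (i = 3; i < NF; i++) {
                if ($i == "--dport") dport = $(i + 1)
                if ($i == "-j") target = $(i + 1)
            }
            if (dport == port && target == "ACCEPT") { ok = 1; exit }
        }
        END { exit (ok ? 0 : 1) }
    ' "$1"
}

# Constructed sample in the layout of /etc/sysconfig/iptables: port 80 was
# inserted right after *filter, port 443 was appended after the REJECT rule.
sample_rules() {
    cat <<'EOF'
*filter
-A INPUT -m state --state NEW -p tcp --dport 80 -j ACCEPT
:INPUT ACCEPT [0:0]
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT
COMMIT
EOF
}

tmp=$(mktemp) && sample_rules > "$tmp"
for p in 80 443; do
    if port_allowed "$tmp" "$p"; then echo "tcp/$p accepted"; else echo "tcp/$p blocked"; fi
done
rm -f "$tmp"
echo "nmap: $(suid_state /usr/bin/nmap)"
```

On a real host, call `port_allowed /etc/sysconfig/iptables 80` and `suid_state /usr/bin/nmap` directly; anything other than `suid-root` means the `chmod u+s` step has to be repeated.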