Open-AudIT should be installed on 64bit systems only. You might try it on a 32bit system, but this will not be supported going forward.
These installation instructions and scripts have been tested on Ubuntu 12.04, Ubuntu 13.04, Debian 7. Other versions may work. If you do install on another version and need to make alterations, please contribute this back to the community so others can also benefit.
The below commands should be run as the root user (you can "sudo su" on Ubuntu).
All items in CAPITALS should be substituted with actual specific values.
Make sure your server is up to date (you may need to reboot if you install a kernel update).
apt-get update && apt-get upgrade
There are a few variables you should note down (they will be used later on).
HOSTNAME
uname -n
TIMEZONE
cat /etc/timezone
Install MySQL (make a note of your supplied root password).
apt-get install mysql-server
Install the other required packages
apt-get install -q -y apache2 libapache2-mod-proxy-html libapache2-mod-php5 openssh-server php5 php5-ldap php5-mcrypt php5-mysql php5-snmp nmap snmp zip daemon wget curl sshpass screen samba-client
We also need to install winexe. It is not in repositories, but available for most distributions via the SuSe Build Service. Go to the URL http://download.opensuse.org/repositories/home:/ahajda:/winexe/ and download the relevant package for your distribution. Install it using "sudo dpkg -i PACKAGENAME" and you should be good to go.
Open-AudIT uses Nmap for discovery, sshpass for Linux auditing and screen / samba-client / winexe for Windows auditing.
Discovery will not work without these packages installed.
Configure PHP (substituting $TIMEZONE from above).
sed -i -e 's/memory_limit/;memory_limit/g' /etc/php5/apache2/php.ini echo "memory_limit = 512M" >> /etc/php5/apache2/php.ini sed -i -e 's/max_execution_time/;max_execution_time/g' /etc/php5/apache2/php.ini echo "max_execution_time = 300" >> /etc/php5/apache2/php.ini sed -i -e 's/max_input_time/;max_input_time/g' /etc/php5/apache2/php.ini echo "max_input_time = 600" >> /etc/php5/apache2/php.ini sed -i -e 's/error_reporting/;error_reporting/g' /etc/php5/apache2/php.ini echo "error_reporting = E_ALL" >> /etc/php5/apache2/php.ini sed -i -e 's/display_errors/;display_errors/g' /etc/php5/apache2/php.ini echo "display_errors = On" >> /etc/php5/apache2/php.ini sed -i -e 's/upload_max_filesize/;upload_max_filesize/g' /etc/php5/apache2/php.ini echo "upload_max_filesize = 10M" >> /etc/php5/apache2/php.ini # Get a valid date/time string from http://www.php.net/manual/en/timezones.php sed -i -e 's/date.timezone/;date.timezone/g' /etc/php5/apache2/php.ini echo "date.timezone = $TIMEZONE" >> /etc/php5/apache2/php.ini
Set the server name (substituting $HOSTNAME from above) for Apache, enable mod-proxy and restart
echo "ServerName $HOSTNAME" >> /etc/apache2/apache2.conf a2enmod proxy_http service apache2 restart
Set the SUID for the nmap binary (so we can use the apache front end to run scripts which call nmap).
chmod u+s /usr/bin/nmap