View Source

Open-AudIT should be installed on 64bit systems only. You might try it on a 32bit system, but this will not be supported going forward.

These installation instructions and scripts have been tested on Ubuntu 12.04, Ubuntu 13.04, Debian 7. Other versions may work. If you do install on another version and need to make alterations, please contribute this back to the community so others can also benefit.

The below commands should be run as the root user (you can "sudo su" on Ubuntu).

All items in CAPITALS should be substituted with actual specific values.

Make sure your server package list is up to date (you may need to reboot if you install a kernel update).

apt-get update

There are a few variables you should note down (they will be used later on).

HOSTNAME

uname -n

TIMEZONE

cat /etc/timezone

Install MySQL (make a note of your supplied root password).

apt-get install mysql-server

Install the other required packages

apt-get install apache2 libapache2-mod-proxy-html libapache2-mod-php5 openssh-server php5 php5-ldap php5-mcrypt php5-mysql php5-snmp nmap snmp zip daemon wget curl sshpass screen samba-client

We also need to install winexe. It is not in repositories, but available for most distributions via the SuSe Build Service. Go to the URL http://download.opensuse.org/repositories/home:/ahajda:/winexe/ and download the relevant package for your distribution. Install it using "sudo dpkg -i PACKAGENAME" and you should be good to go.

Open-AudIT uses Nmap for discovery, sshpass for Linux auditing and screen / samba-client / winexe for Windows auditing.

Discovery will not work without these packages installed.

Configure PHP (substituting $TIMEZONE from above).

sed -i -e 's/memory_limit/;memory_limit/g' /etc/php5/apache2/php.ini

echo "memory_limit = 512M" >> /etc/php5/apache2/php.ini

sed -i -e 's/max_execution_time/;max_execution_time/g' /etc/php5/apache2/php.ini

echo "max_execution_time = 300" >> /etc/php5/apache2/php.ini

sed -i -e 's/max_input_time/;max_input_time/g' /etc/php5/apache2/php.ini

echo "max_input_time = 600" >> /etc/php5/apache2/php.ini

sed -i -e 's/error_reporting/;error_reporting/g' /etc/php5/apache2/php.ini

echo "error_reporting = E_ALL" >> /etc/php5/apache2/php.ini

sed -i -e 's/display_errors/;display_errors/g' /etc/php5/apache2/php.ini

echo "display_errors = On" >> /etc/php5/apache2/php.ini

sed -i -e 's/upload_max_filesize/;upload_max_filesize/g' /etc/php5/apache2/php.ini

echo "upload_max_filesize = 10M" >> /etc/php5/apache2/php.ini

# Get a valid date/time string from http://www.php.net/manual/en/timezones.php

sed -i -e 's/date.timezone/;date.timezone/g' /etc/php5/apache2/php.ini

echo "date.timezone = $TIMEZONE" >> /etc/php5/apache2/php.ini

Set the server name (substituting $HOSTNAME from above) for Apache, enable mod-proxy and restart

echo "ServerName $HOSTNAME" >> /etc/apache2/apache2.conf

a2enmod proxy_http  

service apache2 restart

Set the SUID for the nmap binary (so we can use the apache front end to run scripts which call nmap).

chmod u+s /usr/bin/nmap