This repository has been archived by the owner on May 23, 2019. It is now read-only.
PlatformUbuntu
wesyoung edited this page Oct 21, 2014 · 73 revisions
This installation generally takes 10-15 minutes on hardware with more than 4 cores.
Because @giovino is so awesome, the helper script will configure apache2, bind and install CIF to /opt/cif for you, as well as install any required dependencies too!
- Update your environment, pull down the master and bash the easy-button!
$ sudo apt-get update && sudo apt-get upgrade -y && sudo apt-get install -y htop build-essential automake autoconf git
$ git clone https://github.com/csirtgadgets/massive-octo-spice.git -b master
$ cd massive-octo-spice
$ bash autogen.sh
$ sudo bash ./hacking/platforms/easybutton.sh
- test connectivity to the router
$ curl -k -w "\n" -XGET 'https://localhost:443/ping?token=1234' -H "Accept: application/vnd.cif.v2+json"
{"timestamp":[1400585768,265584]}
note: if you get something other than the resulting timestamp, first stop then re-start apache2 and try again.
- perform an initial cif-smrt test run
$ sudo /opt/cif/bin/cif-smrt --testmode -d --token 1234 --no-verify-ssl
[2014-04-19T16:00:51,868Z][INFO]: cleaning up tmp...
[2014-04-19T16:00:52,012Z][INFO]: generating ping request...
[2014-04-19T16:00:52,077Z][INFO]: sending ping...
[2014-04-19T16:00:52,089Z][INFO]: ping returned
[2014-04-19T16:00:52,106Z][INFO]: processing: bin/cif-smrt -d -r /opt/cif/etc/rules/default/bruteforceblocker.cfg -f ssh
[2014-04-19T16:00:52,427Z][INFO]: starting at: 2014-04-19T00:00:00Z
[2014-04-19T16:00:52,431Z][INFO]: processing...
[2014-04-19T16:00:54,532Z][INFO]: building events: 1273
[2014-04-19T16:00:55,335Z][INFO]: sending: 78
[2014-04-19T16:00:55,955Z][INFO]: took: ~0.921849
[2014-04-19T16:00:55,956Z][INFO]: rate: ~84.6125558524227 o/s
[2014-04-19T16:00:55,956Z][INFO]: processing: bin/cif-smrt -d -r /opt/cif/etc/rules/default/drg.cfg -f ssh
...
- start cif-smrt
$ sudo service cif-smrt start
- test out a query:
$ cif --cc US -d --token 1234 --no-verify-ssl
$ cif --cc CN -d --token 1234 --no-verify-ssl
- check out the SDK Guides to set up a client locally.
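
The router connectivity test and its stop/start-and-retry note, written as a scripted check. This is an added example, not part of the original wiki page or the CIF project; the function names and the CIF_URL / CIF_TOKEN variables are assumptions, with defaults taken from the commands above.

```shell
#!/bin/sh
# Added example: smoke check for the CIF router /ping endpoint.
# CIF_URL and CIF_TOKEN are assumed names; defaults are the values used on this page.
CIF_URL="${CIF_URL:-https://localhost:443}"
CIF_TOKEN="${CIF_TOKEN:-1234}"

# Return 0 only if the body is exactly {"timestamp":[<int>,<int>]},
# the shape shown in the sample response (whitespace is ignored).
is_ping_ok() {
    printf '%s' "$1" | tr -d ' \r\n' |
        grep -Eq '^\{"timestamp":\[[0-9]+,[0-9]+\]\}$'
}

# Query /ping like the page's curl command and print the response body.
# -k skips TLS certificate verification, as in that command.
ping_router() {
    curl -sk --max-time 10 -XGET "$CIF_URL/ping?token=$CIF_TOKEN" \
        -H 'Accept: application/vnd.cif.v2+json'
}

# One attempt; on anything other than a timestamp, stop then start
# apache2 and try once more, following the note in the ping step.
check_router() {
    body=$(ping_router) && is_ping_ok "$body" && return 0
    echo "unexpected ping response: ${body:-<empty>}" >&2
    sudo service apache2 stop
    sudo service apache2 start || return 1
    sleep 5
    body=$(ping_router) && is_ping_ok "$body"
}

# Only touch the network and apache2 when explicitly asked to.
if [ "${1:-}" = "--live" ]; then
    check_router && echo "router OK" || { echo "router still failing" >&2; exit 1; }
fi
```

Run it with `--live` on the CIF host after the easy-button script finishes; without that argument it only defines the functions.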