Skip to content
This repository has been archived by the owner on May 23, 2019. It is now read-only.

PlatformUbuntu

wesyoung edited this page Oct 21, 2014 · 73 revisions

Overview

This installation generally takes 10-15min on hardware with more than 4 cores.

Setting up the Environment

Because @giovino is so awesome, the helper script will configure apache2, bind and install CIF to /opt/cif for you, as well as install any required dependencies too!

  1. Update your environment, pull down the master and bash the easy-button!
$ sudo apt-get update && sudo apt-get upgrade -y && sudo apt-get install -y htop build-essential automake autoconf git
$ git clone https://github.com/csirtgadgets/massive-octo-spice.git -b master
$ cd massive-octo-spice
$ bash autogen.sh
$ sudo bash ./hacking/platforms/easybutton.sh

Testing

  1. test connectivity to the router
$ curl -k -w "\n" -XGET 'https://localhost:443/ping?token=1234' -H "Accept: application/vnd.cif.v2+json"
{"timestamp":[1400585768,265584]}

note: if you get something other than the resulting timestamp, first stop then re-start apache2 and try again.

  1. perform an initial cif-smrt test run
$ sudo /opt/cif/bin/cif-smrt --testmode -d --token 1234 --no-verify-ssl
[2014-04-19T16:00:51,868Z][INFO]: cleaning up tmp...
[2014-04-19T16:00:52,012Z][INFO]: generating ping request...
[2014-04-19T16:00:52,077Z][INFO]: sending ping...
[2014-04-19T16:00:52,089Z][INFO]: ping returned
[2014-04-19T16:00:52,106Z][INFO]: processing: bin/cif-smrt -d -r /opt/cif/etc/rules/default/bruteforceblocker.cfg -f ssh
[2014-04-19T16:00:52,427Z][INFO]: starting at: 2014-04-19T00:00:00Z
[2014-04-19T16:00:52,431Z][INFO]: processing...
[2014-04-19T16:00:54,532Z][INFO]: building events: 1273
[2014-04-19T16:00:55,335Z][INFO]: sending: 78
[2014-04-19T16:00:55,955Z][INFO]: took: ~0.921849
[2014-04-19T16:00:55,956Z][INFO]: rate: ~84.6125558524227 o/s
[2014-04-19T16:00:55,956Z][INFO]: processing: bin/cif-smrt -d -r /opt/cif/etc/rules/default/drg.cfg -f ssh
...
  1. start cif-smrt

    $ sudo service cif-smrt start
  2. test out a query:

$ cif --cc US -d --token 1234 --no-verify-ssl
$ cif --cc CN -d --token 1234 --no-verify-ssl
  1. checkout the SDK Guides to setup a client locally.
Clone this wiki locally