Menu
▾
▴
Re: [Os-sim-devel] Re: Comments on Installing OSSIM
|
From: David G. <dg...@ip...> - 2005-02-18 11:57:27
|
El jue, 17-02-2005 a las 15:31 +0100, Jan-Oliver Wagner escribi=F3: > Hi David, >=20 > [ I am sending this to the devel list now since I=20 > do not want to bother you alone with my reports ] >=20 > only today I found the time to give OSSIM a new try. >=20 > [14:05] I am stating with a fresh and clean Debian Sarge as of today. >=20 > On Tue, Feb 01, 2005 at 05:31:38PM +0100, David Gil wrote: > > El mi=E9, 26-01-2005 a las 12:49 +0100, Jan-Oliver Wagner escribi=F3: > > > On Tue, Jan 25, 2005 at 03:30:24PM +0100, David Gil wrote: > > > > Please, don't use that manual, it's deprecated. Please use this > > > > (http://www.ossim.net/docs/INSTALL.Debian.quick.txt) instead. > > >=20 > > > hm. Would be good to take the other stuff offline then. > >=20 > > Yes, we pretend to update the doc, but in the meantime may be better to > > notice that... > >=20 > > > > With this manual I hope you can install OSSIM in less than 1 hour. > > >=20 > > > OK, lets see [12:00] ... ;-) > > >=20 > > > - here also is missing "apt-get update" > >=20 > > I think it's obvious.. >=20 > Well, people not used to use Debian stumble across this. I observed > this multiple times. Ok, I've just added an "apt-get update" to the manual. > I am leaving out the Performance section. >=20 > > > - while doing "apt-get install ossim-mysql" I am asked: > > >=20 > > > | Create the database structure now, using the following commands:=20 > > > | cd /usr/share/doc/ossim-mysql/contrib/ =20 > > > | zcat create_mysql.sql.gz ossim_*.sql.gz | mysql ossim -p=20 > > > | zcat create_snort_tbls_mysql.sql.gz \ =20 > > > | create_acid_tbls_mysql.sql.gz | mysql snort -p =20 > > > | Use -u and -h mysql options if you need to specify a non-default us= er > > > | and host.=20 > > > | After you created the database structure, press 'ok' to continue.=20 > > >=20 > > > Unfortunately, /usr/share/doc/ossim-mysql/contrib/ does not exist! > > > (nor does /usr/share/doc/ossim-mysql). > >=20 > > Mmmm, it's seems that /usr/share/doc/ossim-mysql is created after > > debconf execute... I need to change de debconf template. >=20 > the problem is still there. What do you suggest me to put in the debconf template? Change after for before? ;) > > Type: > > dpkg -L ossim-mysql >=20 > polynoe:~# dpkg -L ossim-mysql > /. > /usr > /usr/share > /usr/share/doc > /usr/share/doc/ossim-mysql > /usr/share/doc/ossim-mysql/contrib > /usr/share/doc/ossim-mysql/contrib/create_mysql.sql.gz > /usr/share/doc/ossim-mysql/contrib/create_pgsql.sql.gz > /usr/share/doc/ossim-mysql/contrib/ossim_config.sql.gz > /usr/share/doc/ossim-mysql/contrib/ossim_data.sql.gz > /usr/share/doc/ossim-mysql/contrib/realsecure.sql.gz > /usr/share/doc/ossim-mysql/contrib/snort_nessus.sql.gz > /usr/share/doc/ossim-mysql/contrib/create_snort_tbls_mysql.sql.gz > /usr/share/doc/ossim-mysql/contrib/096-to-097.sql.gz > /usr/share/doc/ossim-mysql/contrib/097-to-098.sql.gz > /usr/share/doc/ossim-mysql/contrib/create_acid_tbls_mysql.sql.gz > /usr/share/doc/ossim-mysql/changelog.gz > /usr/share/doc/ossim-mysql/INSTALL.gz > /usr/share/doc/ossim-mysql/copyright > /usr/share/doc/ossim-mysql/changelog.Debian.gz >=20 >=20 > I do not understand the item > "Edit /etc/mysql/my.cnf and modify the "bind-address" entry if you want > MySQL will listen on port TCP-3306 after restart." > so I did not change the file. You need to modify this atribute if you want other hosts can connect to your mysql server (only 127.0.0.1 by default). >=20 > apt-get install ossim-server > There is still the wrong text in one dialog > which says "enter database" > but actually a username must be entered. I read: Please enter the name of the database *user* you want to use. Am I wrong? > apt-get install ossim-agent > prompting 127.0.0.1 and simply saying not to use it > is a bit vague. > Better make proposals or explain the situation in > more detail. Ok, i've just changed it to: What's your OSSIM Agent ip? (Don't use 127.0.0.1 if you want to monitoring this sensor from framework) > apt-get install ossim-framework > There is a dialog saying: >=20 > NOTE: Manual configuration required > You will need to go to http://localhost/acidlab first to force the > database > modifications for ACIDlab. It is also advised that you run this > either over HTTPS or > with some form of access control on the webserver. We do not > attempt to install using > either technique. >=20 > Your installation description should say whether this is important > for ossim or not. Acid stuff, not OSSIM stuff. I pretend that the manual was as short as possible.. > However, the command > lynx http://localhost/acidlab > does not work anyway. There seems to be no server listening at > this point of time. >=20 > oops, and again a dialog asks for database but should for a > username. database *user*? like ossim configuration? are you sure? > the guide says > "- Edit the phpgacl configuration by hand at > /etc/ossim/framework/ossim.conf. > Debconf management is incoming.." >=20 > but to my opinion the file is configured correctly already. Cause you have default settings (locahost, root, ossim, etc). If you have to change the database password.. >=20 > > > OK, again I will start ignoring ... :-( > > >=20 > > > - while doing "apt-get install ossim-framework": > > >=20 > > > |... > > > | Creating config file /etc/apache/modules.conf with new version > > > |=20 > > > | Setting up ossim-framework (0.9.7+cvs20050125-1) ... > > > | Package `apache' is not installed and no info is available. > > > | Use dpkg --info (=3D dpkg-deb --info) to examine archive files, > > > | and dpkg --contents (=3D dpkg-deb --contents) to list their content= s. > > > |=20 > > > | Setting up fontconfig (2.2.3-4) ... > > > |... > >=20 > > It's fixed in 0.9.8rc1. >=20 > confirmed. :) > > > sounds strange, but I will ignore. > > >=20 > > > time is [12:22] > > >=20 > > > - "Go to http://yourhost/phpgacl/setup.php to insert the tables in th= e > > > database." > > >=20 > > > well: > > > telnet localhost 80 > > > Trying 127.0.0.1... > > > telnet: Unable to connect to remote host: Connection refused > > >=20 > > > oh, it is https ... > > >=20 > >=20 > > > - doing the "lets get started" (I guess thats what I should do?): > >=20 > > Once phpgacl is configured, go to http://yourhost/ossim/. You do not > > need to enter to phpgacl admin page.. >=20 > OK. > Time is now 14:38. Have to stop for some minutes. > 15:02 - proceeding. >=20 > I entered http://yourhost/ossim/ > and first was asked to do something about phpGACL. > I did so and it seemed to be success. > However, the resulting web page says > "*IMPORTANT* >=20 > Please make sure you create the <phpGACL root>/admin/templates_c > directory, and give it write permissions for the user your web server > runs as." phpgacl debian package does the job for you > But that is already OK, so the hint is superfluous. Yes, you are right.. > > > Warning: file(../CREDITS): failed to open stream: No such file or > > > directory in /usr/share/phpgacl/admin/about.php on line 73 > > >=20 > > > Warning: implode(): Bad arguments. in > > > /usr/share/phpgacl/admin/about.php on line 73 > > > phpGACL > >=20 > >=20 > > New phpgacl improvements have been introduced today, can you test with > > the new phpgacl-3.3.4 package? >=20 > confirmed to not appear any more. Perfect. > [15:15] Great, I have now a management interface in my browser running. > Some error messages here and there, but I will look into this later. >=20 > > Sorry my poor english. >=20 > You english is very good. Thanks for your answers. Hago lo que puedo jejejeje > Best >=20 > Jan Thank you very much for your report. Reports like this are very usefull for us :) David. |
