System Installation - TWMAN Server on CentOS 5.7

I. Operating System Installation

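1. Install CentOS 5.7, selecting "Server"

1.1 Install "Development" > "Development Libraries" > "fuse-devel-2.7.4-8.el5.i386"

1.2 Install "Development" > "Development Tools"

1.3 Install "Servers" > "FTP Server"

1.4 Install "Servers" > "Web Server"

1.5 Install "Servers" > "Network Servers" > "12:dhcp-3.0.5-29.el5.i386"

1.6 Install "Servers" > "Legacy Network Server" > "2:xinetd-2.3.14-13.el5.i386"

1.7 Install "Base System" > "Base" > "aide-0.13.1-6.el5.i386"

1.8 Install "Base System" > "Base" > "fuse-2.7.4-8.el5.i386"

1.9 Install "Base System" > "Base" > "fuse-libs-2.7.4-8.el5.i386"

1.10 Install "Base System" > "Base" > "1:nfs-utils-1.0.9-54.el5.i386"

1.11 Install "Base System" > "Base" > "14:tcpdump-3.9.4-15.el5.i386"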

 

II. Installing Related Packages

1. Copy the TWMAN source code into the corresponding directories of the server's file system

1.1 unzip TWMAN-2.0.zip

1.2 cp -ru TWMAN/* /

 

2. Change directory access permissions

2.1 chmod -R 777 /fauxservers

2.2 chmod -R 777 /forensics

2.3 chmod -R 777 /images

2.4 chmod -R 777 /tftpboot/pxelinux.cfg

2.5 chmod -R 777 /Tools/Parse-Win32Registry-0.60/bin/

2.6 chmod -R 777 /var/www/cgi-bin

 

3. Install the tftp server

3.1 rpm -ivh /Tools/tftp-server-0.49-2.el5.centos.i386.rpm

 

4. Install libpcap

4.1 rpm -ivh /Tools/libpcap-devel-0.9.4-15.el5.i386.rpm

4.2 cd /Tools/libpcap-1.2.0

4.3 ./configure

4.4 make

4.5 make install

 

5. Install ngrep

5.1 rpm -ivh /Tools/ngrep-1.45-1.rf.i386.rpm

 

6. Install iptables

6.1 rpm -ivh /Tools/iptables-devel-1.3.5-1.2.1.fc6.mpls.1.957.i386.rpm

 

7. Install tcpdump

7.1 cd /Tools/tcpdump-4.1.1

7.2 ./configure

7.3 make

7.4 make install

 

8. Install tcptrace

8.1 cd /Tools/tcptrace-6.6.7

8.2 ./configure

8.3 make

8.4 make install

 

9. Install ipaudit 1.0 beta2

9.1 cd /Tools/ipaudit-1.0rc9

9.2 ./configure

9.3 make

9.4 make install

 

10. Install the Perl module Digest-HMAC

10.1 cd /Tools/Digest-HMAC-1.03

10.2 perl Makefile.PL

10.3 make

10.4 make install

 

11. Install the Perl module Digest-SHA

11.1 cd /Tools/Digest-SHA-5.23

11.2 perl Makefile.PL

11.3 make

11.4 make install

 

12. Install the Perl module Digest-SHA1

12.1 cd /Tools/Digest-SHA1-2.13

12.2 perl Makefile.PL

12.3 make

12.4 make install

 

13. Install the Perl module CGI

13.1 cd /Tools/CGI.pm-3.55

13.2 perl Makefile.PL

13.3 make

13.4 make install

 

14. Install the Perl module FCGI

14.1 cd /Tools/FCGI-0.67

14.2 perl Makefile.PL

14.3 make

14.4 make install

 

15. Install the Perl module Getopt

15.1 cd /Tools/Getopt-Long-2.38

15.2 perl Makefile.PL

15.3 make

15.4 make install

 

16. Install the Perl module IO::Socket

16.1 cd /Tools/IO-1.25

16.2 perl Makefile.PL

16.3 make

16.4 make install


17. Install the Perl module Net::IP

17.1 cd /Tools/Net-IP-1.25

17.2 perl Makefile.PL

17.3 make

17.4 make install

 

18. Install the Perl module Net::IP::Resolver

18.1 cd /Tools/Net-IP-Resolver-0.02

18.2 perl Makefile.PL

18.3 make

18.4 make install

 

19. Install the Perl module Net::Server

19.1 cd /Tools/Net-Server-0.99

19.2 perl Makefile.PL

19.3 make

19.4 make install

 

20. Install the Perl module Net::DNS

20.1 cd /Tools/Net-DNS-0.66

20.2 perl Makefile.PL

20.3 make

20.4 make install

 

 

21. Install the Perl module Parse-Win32Registry

21.1 cd /Tools/Parse-Win32Registry-0.60

21.2 perl Makefile.PL

21.3 make

21.4 make install

 

22. Install the Perl module perlipq

22.1 cd /Tools/perlipq-1.25

22.2 perl Makefile.PL

22.3 make

22.4 make install

 

23. Install the Perl module IPC::Shareable

23.1 cd /Tools/IPC-Shareable-0.60

23.2 perl Makefile.PL

23.3 make

23.4 make install

 

24. Install ssdeep

24.1 cd /Tools/ssdeep-2.7

24.2 ./configure

24.3 make

24.4 make install

 

25. Install ntfs-3g

25.1 cd /Tools/ntfs-3g_ntfsprogs-2011.4.12

25.2 ./configure

25.3 make

25.4 make install

 

26. Install inetsim

26.1 groupadd inetsim

26.2 cd /Tools/inetsim-1.2.1

26.3 sh setup.sh  

 

III. Environment Configuration and Testing

1. Configure the network interface

1.1 setup

1.1.1 IP address: 192.168.0.100

1.1.2 Netmask: 255.255.255.0

 

 

2. Restart the network service

2.1 service network restart

 

3. Make sure the required system services are started

3.1 chkconfig httpd on

3.2 chkconfig dhcpd on

3.3 chkconfig tftp on

3.4 chkconfig nfs on

3.5 service httpd start

3.6 service dhcpd start

 

4. Load the fuse module and test it

4.1 modprobe fuse

4.2 lsmod | grep fuse

 

 

5. Check the NFS configuration

5.1 cat /etc/exports

 

5.2 service nfs start

 

6. Check the service ports

6.1 cat /etc/services

ddsave 45611/tcp

ddrestore 46512/tcp

 

7. Check the iptables configuration file: /usr/local/virus/iptables/iptables.rule

EXTIF="eth0"

INIF="eth1"

INNET="192.168.0.0/24"

 

 

8. Check httpd.conf

ScriptAlias /cgi-bin/ "/var/www/cgi-bin/"

<Directory "/var/www/cgi-bin">

AllowOverride None

Options None

Order allow,deny

Allow from all

</Directory>

 

 

9. Check the tftp configuration

9.1 /etc/xinetd.d/tftp

 

 

10. Modify sudo privileges

10.1 visudo: comment out the line as #Defaults requiretty and add apache ALL=(ALL) NOPASSWD: ALL

 

 

11. Test the virtual network environment

11.1 /Tools/inetsim/inetsim --session test
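
A post-install check for the steps above, added here as an example and not part of TWMAN: it confirms the /etc/services, iptables.rule and sudoers settings from section III and lists which directories from section II, step 2 are world-writable. The function names, the path-prefix argument and the sample tree are assumptions of this example; /etc/sudoers is the file that visudo edits.

```shell
#!/bin/sh
# Added example, not part of TWMAN. $1 is a path prefix ("" = live server).
has_line() { grep -Eq "$2" "$1" 2>/dev/null; }   # FILE has a line matching REGEX

check_services() {        # section III, step 6: both ports registered
    has_line "$1/etc/services" '^ddsave[[:space:]]+45611/tcp' &&
    has_line "$1/etc/services" '^ddrestore[[:space:]]+46512/tcp'
}

check_iptables_rule() {   # section III, step 7: interface and network variables
    f="$1/usr/local/virus/iptables/iptables.rule"
    has_line "$f" '^EXTIF="eth0"' && has_line "$f" '^INIF="eth1"' &&
    has_line "$f" '^INNET="192\.168\.0\.0/24"'
}

check_sudoers() {         # section III, step 10: requiretty off, apache rule present
    f="$1/etc/sudoers"
    ! has_line "$f" '^[[:space:]]*Defaults[[:space:]]+requiretty' &&
    has_line "$f" '^apache[[:space:]]+ALL=\(ALL\)[[:space:]]+NOPASSWD:[[:space:]]*ALL'
}

# Section II, step 2: print the listed directories that any local account can modify.
world_writable_dirs() {
    for d in /fauxservers /forensics /images /tftpboot/pxelinux.cfg \
             /Tools/Parse-Win32Registry-0.60/bin /var/www/cgi-bin; do
        if [ -d "$1$d" ]; then find "$1$d" -prune -perm -0002 -print; fi
    done
}

# Run every check, print a report, return the number of failed checks.
twman_check() {
    fails=0
    for c in check_services check_iptables_rule check_sudoers; do
        if "$c" "$1"; then echo "PASS $c"; else echo "FAIL $c"; fails=$((fails + 1)); fi
    done
    echo "World-writable directories from section II, step 2:"
    world_writable_dirs "$1" | sed 's/^/  /'
    return "$fails"
}

# Constructed sample tree holding the values shown in the steps above.
make_demo_tree() {
    mkdir -p "$1/etc" "$1/usr/local/virus/iptables" "$1/var/www/cgi-bin"
    printf 'ddsave 45611/tcp\nddrestore 46512/tcp\n' > "$1/etc/services"
    printf 'EXTIF="eth0"\nINIF="eth1"\nINNET="192.168.0.0/24"\n' > "$1/usr/local/virus/iptables/iptables.rule"
    printf '#Defaults requiretty\napache ALL=(ALL) NOPASSWD: ALL\n' > "$1/etc/sudoers"
    chmod 777 "$1/var/www/cgi-bin"
}
demo=$(mktemp -d) && make_demo_tree "$demo" && twman_check "$demo"
```

On the server itself, call twman_check "" as root so that /etc/sudoers is readable.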