-
Notifications
You must be signed in to change notification settings - Fork 11
/
CONFIGURE
66 lines (54 loc) · 2.38 KB
/
CONFIGURE
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
A. CONFIGURATION
1) Create nidus user/database see wraith/nidus/CONFIGURE
2) Dependencies
- dateutil 2.3 https://pypi.python.org/pypi/python-dateutil
- PyrIC: sudo pip install PyRIC
- psycopg2 2.5.4 https://pypi.python.org/pypi/psycopg2
- mgrs 1.1 https://pypi.python.org/packages/source/m/mgrs/mgrs-1.1.0.tar.gz
o may need python-setuptools
- gui support
o python-tk
o tix
3) Configure system for use
- Set up sensor daemon
o iyrid
1) copy <pathtowraith>/iyri/iyrid to /etc/init.d
2) change ownership to root/root (if necessary)
3) make iyri.py executable (change permissions of iyri.py to 755)
4) verify iyri does not start on boot (unless desired)
- Set up logs
cd /var/logs
mkdir wraith
sudo chown <user>:adm wraith
chmod 750 wraith
cd wraith
touch iyri.log
- Configure Iyri. Iyri requires root privleges to a) bind to the raw socket
and b) set nic properities i.e bring up/down change hwaddr execute iw, iwconfig
and ifconfig. There are two options:
o run iyri as root (use current iyrid)
o If you're not comfortable running iyri as root, it can be run as a user
which requires the following:
* configure iw, iwconfig, ifconfig and macchanger in /etc/sudoers
# Cmnd alias specification
Cmnd_Alias IWCONFIG = /sbin/iwconfig
Cmnd_Alias IFCONFIG = /sbin/ifconfig
Cmnd_Alias IW = /usr/sbin/iw #--> iw 3.17
# Allow user to execute iw* commands
<user> ALL=NOPASSWD:IWCONFIG
<user> ALL=NOPASSWD:IFCONFIG
<user> ALL=NOPASSWD:IW
Then run 'sudo service sudo restart'
* You also need to give the python interpreter set raw capability in order to
bind the raw socket. Configure the iyri daemon, to set raw capabilities
temporarily and then remove the permission after iyri has bound to the
raw socket by setting do_start in iyrid to the following:
do_start() {
log_daemon_msg "Setting capability cap_net_raw"
setcap cap_net_raw=+ep /usr/bin/python2.7
log_daemon_msg "Starting $DAEMON_NAME"
start-stop-daemon --start --background --pidfile $PIDFILE --make-pid --user $DAEMON_USER --chuid $DAEMON_USER --startas $DAEMON
log_daemon_msg "Removing capability cap_net_raw"
setcap cap_net_raw=-ep /usr/bin/python2.7
log_end_msg $?
}