om@3
|
1 |
# How To OpenSecurity Demo
|
om@3
|
2 |
|
om@3
|
3 |
## Installation
|
om@3
|
4 |
|
om@3
|
5 |
1. Copy the OpenSecurity parent Folder as-is to "C:\Program Files"
|
om@3
|
6 |
|
om@3
|
7 |
2. Inside this folder you find:
|
om@3
|
8 |
|
om@3
|
9 |
OpenSecurity/
|
om@3
|
10 |
├── client ............... OpenSecurity client code
|
om@3
|
11 |
├── cygwin ............... A cygwin subsystem used inside OpenSecurity
|
om@3
|
12 |
├── gfx .................. OpenSecurity images and icons used
|
om@3
|
13 |
├── install .............. Necessary 3rd party installment
|
om@3
|
14 |
└── server ............... OpenSecuirty server code
|
om@3
|
15 |
|
om@3
|
16 |
3. Switch into the "install" folder. There you have:
|
om@3
|
17 |
|
om@3
|
18 |
OpenSecurity/
|
om@3
|
19 |
└── install/
|
om@3
|
20 |
├── OpenSecurity.reg
|
om@3
|
21 |
├── PyQt4-4.10.3-gpl-Py2.7-Qt4.8.5-x32.exe
|
om@3
|
22 |
├── PyQt4-4.10.3-gpl-Py2.7-Qt4.8.5-x64.exe
|
om@3
|
23 |
├── python-2.7.6.amd64.msi
|
om@3
|
24 |
├── python-2.7.6.msi
|
om@3
|
25 |
├── VirtualBox-4.3.4-91027-Win.exe
|
om@3
|
26 |
└── web.py-0.37
|
om@3
|
27 |
|
om@3
|
28 |
Please install the software via double-click:
|
om@3
|
29 |
|
om@3
|
30 |
* python-2.7.6.msi on 32-Bit
|
om@3
|
31 |
_or_
|
om@3
|
32 |
python-2.7.6.amd64.msi on 64-Bit
|
om@3
|
33 |
|
om@3
|
34 |
* PyQt4-4.10.3-gpl-Py2.7-Qt4.8.5-x32.exe on 32-Bit
|
om@3
|
35 |
_or_
|
om@3
|
36 |
PyQt4-4.10.3-gpl-Py2.7-Qt4.8.5-x64.exe on 64-Bit
|
om@3
|
37 |
|
om@3
|
38 |
* VirtualBox-4.3.4-91027-Win.exe
|
om@3
|
39 |
|
om@3
|
40 |
If you didn't change any settings you'll have a Win32 Python
|
om@3
|
41 |
installation at C:\Python27 right now. This is important for
|
om@3
|
42 |
the next step.
|
om@3
|
43 |
|
om@3
|
44 |
1. Open up a cmd box --> Start / Execute / "cmd"
|
om@3
|
45 |
2. Switch into the OpenSecurity folder where the web.py resides:
|
om@3
|
46 |
|
om@3
|
47 |
C:> cd C:\Program Files\OpenSecurity\install\web.py-0.37
|
om@3
|
48 |
|
om@3
|
49 |
3. Install web.py by calling the setup.py with the "install" command
|
om@3
|
50 |
from within a python shell:
|
om@3
|
51 |
|
om@3
|
52 |
C:\Program Files\OpenSecurity\install\web.py-0.37> C:\Python27\python.exe setup.py install
|
om@3
|
53 |
running install
|
om@3
|
54 |
running build
|
om@3
|
55 |
running build_py
|
om@3
|
56 |
creating build
|
om@3
|
57 |
creating build\lib
|
om@3
|
58 |
creating build\lib\web
|
om@3
|
59 |
copying web\application.py -> build\lib\web
|
om@3
|
60 |
copying web\browser.py -> build\lib\web
|
om@3
|
61 |
copying web\db.py -> build\lib\web
|
om@3
|
62 |
copying web\debugerror.py -> build\lib\web
|
om@3
|
63 |
copying web\form.py -> build\lib\web
|
om@3
|
64 |
...
|
om@3
|
65 |
|
om@3
|
66 |
4. Finally update your registry by double-clicking the OpenSecurity.reg file.
|
om@3
|
67 |
|
om@3
|
68 |
5. To make changes in effect (automatically starting the OpenSecurity client and server daemons) you should restrat the machine.
|
om@3
|
69 |
|
om@3
|
70 |
NOTE:
|
om@3
|
71 |
Windows will pop up an UAC dialog for X11, OpenSecurity Client Daemon and OpenSecuirty Server Daemon
|
om@3
|
72 |
|
om@3
|
73 |
|
om@3
|
74 |
## VirtualBox VM Images
|
om@3
|
75 |
|
om@3
|
76 |
For the current setup to work you need at least a single Virtual Machine:
|
om@3
|
77 |
|
om@3
|
78 |
1. Create a Virtual Machine for Debian Linux
|
om@3
|
79 |
--> The machine should be named 'Debian 7'
|
om@3
|
80 |
--> There must be a user called 'user'
|
om@3
|
81 |
|
om@3
|
82 |
2. Have a Debian 7 (or 7.2) network installation ready and install a fresh new Debian system, with a user called 'user'.
|
om@3
|
83 |
|
om@3
|
84 |
3. Create 2 (!) Network Interfaces for your Virtual Machine
|
om@3
|
85 |
a) The first will be set to "NAT" --> this will be eth0
|
om@3
|
86 |
b) The second will be set to "Host-Only Adapter" --> this will be eth1
|
om@3
|
87 |
|
om@3
|
88 |
4. Power up the Virtual Machine and set the network interface configuration (/etc/network/interfaces) to:
|
om@3
|
89 |
|
om@3
|
90 |
auto lo
|
om@3
|
91 |
iface lo
|
om@3
|
92 |
|
om@3
|
93 |
auto eth0
|
om@3
|
94 |
allow-hotplug eth0
|
om@3
|
95 |
iface eth0 inet dhcp
|
om@3
|
96 |
|
om@3
|
97 |
auto eth1
|
om@3
|
98 |
iface eth1 inet static
|
om@3
|
99 |
address 192.168.56.101
|
om@3
|
100 |
netmask 255.255.255.0
|
om@3
|
101 |
gateway 192.168.56.1
|
om@3
|
102 |
|
om@3
|
103 |
5. Create a passwordless SSH connection from within Cygwin into the VM:
|
om@3
|
104 |
|
om@3
|
105 |
a) ensure the VM is started and you have a user login called 'user'.
|
om@3
|
106 |
b) start a cygwin shell by double-clicking "C:\Program Files\OpenSecurity\cygwin\Cygwin.vbs"
|
om@3
|
107 |
c) generate a ssh-key
|
om@3
|
108 |
|
om@3
|
109 |
$ ssh-keygen
|
om@3
|
110 |
|
om@3
|
111 |
--> do not set passphrases, leave all to default
|
om@3
|
112 |
d) copy the public key to the virtual machine
|
om@3
|
113 |
|
om@3
|
114 |
$ scp ~/.ssh/id_rsa.pub user@192.168.56.101:
|
om@3
|
115 |
|
om@3
|
116 |
e) add the public key to the list of authorized keys:
|
om@3
|
117 |
|
om@3
|
118 |
- login into the virtual machine
|
om@3
|
119 |
- open up a terminal
|
om@3
|
120 |
|
om@3
|
121 |
$ mkdir ~/.ssh &> /dev/null
|
om@3
|
122 |
$ cat id_rsa.pub >> ~/.ssh/authorized_keys
|
om@3
|
123 |
|
om@3
|
124 |
f) test the passwordless connection by open the cyginw command prompt on the Windows Host again:
|
om@3
|
125 |
|
om@3
|
126 |
$ ssh user@192.168.56.101
|
om@3
|
127 |
|
om@3
|
128 |
--> this should now give you a login shell on the virtual machine without a password request.
|
om@3
|
129 |
|
om@3
|
130 |
(you can now safely delete the id_rsa.pub file in your virtual machine's home)
|
om@3
|
131 |
|
om@3
|
132 |
|
om@3
|
133 |
## Demonstration
|
om@3
|
134 |
|
om@3
|
135 |
* Start the Virtual Machine
|
om@3
|
136 |
--> You do not have to log in. Just start the machine. If the X11-Login Screen appears, all is done.
|
om@3
|
137 |
|
om@3
|
138 |
* Start the opensecurity-client by calling
|
om@3
|
139 |
|
om@3
|
140 |
NOTE: you may omit this step if you double-clicked the OpenSecuirty.reg file previously.
|
om@3
|
141 |
|
om@3
|
142 |
C:> C:\
|
om@3
|
143 |
C:> cd "C:\Program Files\OpenSecurity\client"
|
om@3
|
144 |
C:\Program Files\OpenSecurity\client> start "opensecurity_client_restful_server.py 8090"
|
om@3
|
145 |
|
om@3
|
146 |
|
om@3
|
147 |
* Open Up a browser and type:
|
om@3
|
148 |
|
om@3
|
149 |
"http://127.0.0.1:8090"
|
om@3
|
150 |
|
om@3
|
151 |
HAVE FUN! =D
|