We use proprietary and third party's cookies to improve your experience and our services, identifying your Internet Browsing preferences on our website; develop analytic activities and display advertising based on your preferences. If you keep browsing, you accept its use. You can get more information on our Cookie Policy
Cookies Policy
Security Monitoring/Scored Attack Paths - Installation and Administration Guide - FIWARE Forge Wiki

Security Monitoring/Scored Attack Paths - Installation and Administration Guide

From FIWARE Forge Wiki

Jump to: navigation, search

Contents

Introduction

The Scored Attack Path application provides tools to security operators for scoring the risk and business process impact of attack paths. This application is written in Java and has a web-interface. This document will explain how to install this application.


Requirements

To be able to install and use the Scored Attack Pathapplication, there are few requirements, that will be described in this part.

The Scored Attack Pathapplication has been developed under Windows XP and successfully tested the same OS. The minimum requirement for the operating system is that the execution of all software components listed here is possible on the OS.

In order to successfully deploy the vulnerability assessment and remediation prototype, the software listed below is required:

  • Eclipse : Juno with Java EE development plugin (to build the application and export the WAR file)
  • Java: JRE Open JDK 6 has been used during the build process.
  • Apache Tomcat v6 or higher
  • Chromium 18.0 or any web browser that provides the same feature set.

Installation

Building application

The build procedure of the Scored Attack Path application executable (.war) consists of two steps. In the first step, the source of the application is imported into Eclipse and then a .war file for deployment is created. The source code of the Scored Attack Path application prototype contains a ready to use Eclipse project and class-path descriptor file (.project .classpath). Therefore, to build the Scored Attack Path application prototype, the entire project has to be imported to Eclipse. In Eclipse, choose File → Import and select "Existing Projects into Workspace" as depicted the following screenshot. In the next step enter the path to the Scored Attack Path application sources and select the project for import. Then follow the on-screen instructions to continue the import of the project.


The next step is to create a deployable WAR–File by selecting File → Export (cf screenshot below). In the next step, specify the correct web project, choose the correct Tomcat version and select a proper destination for the WAR file. If the build process has succeeded, the .war file can be found in the directory chosen in step two.

Installation instructions

In this section, the installation of the Scored Attack Path application is described. Although, the screenshots show the installation process in an CentOS 5 environment, the installation on Windows and other platforms which are capable of executing the Java platform and Tomcat follows the same logic.

Configuration files needed by the application

No particular configuration files are required by the Scored Attack Path application.

Installation of the Scored Attack Path application on Tomcat

The Scored Attack Path application can be deployed directly on Tomcat as a .war file. To do that, please follow the official guidelines for deploying applications to Tomcat : http://tomcat.apache.org/tomcat-6.0-doc/manager-howto.html. You can see in screenshot below screenshots of the deployment of the war file on Tomcat 7.

Sanity check procedures

The Sanity Check Procedures are the steps that a System Administrator will take to verify that an installation is ready to be tested. This is therefore a preliminary set of tests to ensure that obvious or basic malfunctioning is fixed before proceeding to unit tests, integration tests and user validation.

End to End testing

The successful installation of the Scored Attack Pathapplication can be verified by accessing the URL of the remediation application with the internet browser. This can be done by accessing the correct url:

http://<Base URL address>/Fi-Ware-Scored-Attack-Paths-Webapp

List of Running Processes

"tomcat" process should be running.

Network interfaces Up & Open

Ports used by tomcat (generally 8080 or 80).

Databases

The Scored Attack Path application requires no databases.

Diagnosis Procedures

In our case, the Diagnosis Procedures are based on Tomcat Apache software. The diagnosis of this server is out of the scope of this project.

Resource availability

The needed resoure depends on the number of concurrent requests received on the web server. The minimum requirements can be qualified such as:

Minimum available memory: 512 MB

Minimum available hard disk space: 5 GB

Remote Service Access

N/A

Resource consumption

Resource consumption strongly depends on the load, especially on the number of concurrent requests. The memory consumption of the Tomcat application server should be between 48MB and 1024MB. These numbers can vary significantly if you use a different application server.

I/O flows

The I/O flow uses HTTP, on standard port 80.

Personal tools
Create a book