From c941012fcb1653086e7b0b189f667dbd06f83bb7 Mon Sep 17 00:00:00 2001 From: Tomas Plesnik <plesnik@ics.muni.cz> Date: Thu, 2 Feb 2012 08:28:57 +0100 Subject: [PATCH] fix of errors and typos; added the Update and Uninstallation sections --- src/warden-client/doc/README | 108 +++++++++++++++++++++++++++-------- 1 file changed, 85 insertions(+), 23 deletions(-) diff --git a/src/warden-client/doc/README b/src/warden-client/doc/README index f06db11..6e30e12 100644 --- a/src/warden-client/doc/README +++ b/src/warden-client/doc/README @@ -15,6 +15,7 @@ Content I. Functions, Arguments and Calls J. Authors + -------------------------------------------------------------------------------- A. Overall Information @@ -52,6 +53,7 @@ A. Overall Information WardenClientReceive.pm var/ + -------------------------------------------------------------------------------- B. Installation Dependencies @@ -62,6 +64,7 @@ B. Installation Dependencies FindBin >= 1.50 DateTime >= 0.61 + -------------------------------------------------------------------------------- C. Registration @@ -72,11 +75,12 @@ C. Registration Registration of your client is provided by Warden server administrator. Usually via e-mail. - Clients need to have valid client certificate to prove their identity to + Clients need to have valid client SSL certificate to prove their identity to the Warden server. Each client is defined by its hostname, service name, type of client, type - of requested events and CIDR the client is allowed to communicate from only. + of requested events, receiving of own events, description tags and CIDR + the client is allowed to communicate from only. Hostname hostname of client to be registered 
@@ -120,9 +124,10 @@ C. Registration For complete information about client attributes and/or event types see Warden project documentation. - + + -------------------------------------------------------------------------------- -D. Installation +D. Installation (First installation of warden client package) 1. Check SHA1 checksum of corresponding Warden client package archive @@ -153,7 +158,7 @@ D. Installation Should any user want to preserve standard location of certificate files, he or she is advised to remove key and certificate files after installation - from /warden-client/etc/ and manually edit paths to certificate files in + from warden-client/etc/ and manually edit paths to certificate files in warden-client/etc/warden-client.conf. In most cases, this change will force warden-client to be run under root privileges though. @@ -161,12 +166,12 @@ D. Installation After successful installation process you are advised to check configuration file warden-client/etc/warden-client.conf. For more information see section - G. Configuration below. + below G. Configuration. 6. Usage of install.sh - Usage: $ ./install.sh [-d <directory>] [-u <user>] [-k <ssl_key_file>] - [-c <ssl_cert_file>] [-a <ssl_ca_file>] [-hV]" + Usage: install.sh [-d <directory>] [-u <user>] [-k <ssl_key_file>] + [-c <ssl_cert_file>] [-a <ssl_ca_file>] [-hV] -d <directory> installation directory (default: /opt) -u <user> owner of warden client package (user for running detection scripts) 
@@ -176,18 +181,74 @@ D. Installation -h print this help -V print script version number and exit - Example: $ ./install.sh -d /opt -u detector -k /etc/ssl/private/client.key + Example: # ./install.sh -d /opt -u detector -k /etc/ssl/private/client.key -c /etc/ssl/certs/client.pem -a /etc/ssl/certs" + -------------------------------------------------------------------------------- -E. Update - DOPLNIT +E. Update (Update of previously installed warden client package) + + 1. Check SHA1 checksum of corresponding Warden client package archive + + $ sha1sum -c warden-client-1.1.0.tar.gz.sig + + 2. Untar it + + $ tar xzvf warden-client-1.1.0.tar.gz + + 3. Run update.sh + + Default destination directory is /opt/warden-client/ + + For more information about update.sh options run update.sh -h + + You must be root for running this script. + + 4. Configuration file + + After successful update process you are advised to check configuration + file warden-client/etc/warden-client.conf. For more information see section + below G. Configuration. + + 5. Usage of update.sh + + Usage: update.sh [-d <directory>] [-hV] + -d <directory> destination directory (default: /opt) + -h print this help + -V print script version number and exit + + Example: # ./update.sh -d /opt + + Note: You must be root for running this script. + For more information about update process, see README file (section + Update). - To upgrade a client, install a new version. -------------------------------------------------------------------------------- -F. Uninstallation - DOPLNIT +F. Uninstallation - To upgrade a client, install a new version. + 1. Run uninstall.sh + + The script is located in warden-client package directory. + + Default uninstallation directory is /opt/warden-client/ + + For more information about uninstall.sh options run uninstall.sh -h + + You must be root for running this script. + + 2. 
Usage of uninstall.sh + + Usage: uninstall.sh [-d <directory>] [-hV] + -d <directory> uninstallation directory (default: /opt) + -h print this help + -V print script version number and exit + + Example: # ./uninstall.sh -d /opt + + Note: You must be root for running this script. + For more information about uninstallation process, see README file + (section Uninstallation). -------------------------------------------------------------------------------- G. Configuration @@ -201,17 +262,18 @@ G. Configuration Configuration file contains following parameters: URI - URI Warden server - e.g. 'https://warden-dev.cesnet.cz:443/Warden' + e.g. 'https://mywarden.server.com:443/Warden' SSL_KEY_FILE - path to a host key file, - e.g. '/opt/warden-client/etc/warden-dev.cesnet.cz.key' + e.g. '/opt/warden-client/etc/mywarden.server.com.key' SSL_CERT_FILE - path to a host certificate file, - e.g. '/opt/warden-client/etc/warden-dev.cesnet.cz.pem' + e.g. '/opt/warden-client/etc/mywarden.server.com.pem' SSL_CA_FILE - path to a CA file e.g. '/etc/ssl/certs/tcs-ca-bundle.pem' + -------------------------------------------------------------------------------- H. Integration with Local Applications 
@@ -228,19 +290,19 @@ H. Integration with Local Applications warden-client sender functionality. Brief information about syntax of sending functions and functionality is - provided in section I. Functions arguments and calls. + provided in section I. Functions, Arguments and Calls. - 2. Client receiver (this type of clients uploads events from Warden server) + 2. Client receiver (this type of clients downloads events from Warden server) Client functionality is included as a perl module (WardenClientReceive.pm) - into perl code of local 'reaction' application or may be used as as core of + into perl code of local 'reaction' application or may be used as core of standalone local application. See warden-client/doc/example-receiver.pl.txt for example how to use warden-client receiver functionality. Brief information about syntax of receiving functions and functionality is - provided in section G. Functions arguments and calls. + provided in section I. Functions, Arguments and Calls. -------------------------------------------------------------------------------- @@ -248,7 +310,7 @@ I. Functions, Arguments and Calls 1. WardenClientSend::saveNewEvent - Function to upload one event on the Warden server. See example 'Sender' + Function to report one event on the Warden server. See example 'Sender' client in warden-client/doc/example-sender.pl.txt Function call (Perl): @@ -352,7 +414,7 @@ I. Functions, Arguments and Calls # Definition of requested event type. Type must be the same with this # provided in 'Receiver' client registration. See more about this issue in # section C. Registration. See more about event types in section - # G. 1. WardenClientSend::saveNewEvent + # I. 1. WardenClientSend::saveNewEvent $requested_type = "botnet_c_c"; # Download batch of new events from Warden server 
@@ -360,7 +422,7 @@ I. Functions, Arguments and Calls $requested_type); Structure of each received event in the event array equals to this explained - in section G. 1. WardenClientSend::saveNewEvent. It has one additional + in section I. 1. WardenClientSend::saveNewEvent. It has one additional attribute ID - unique id of this particular event (BIGINT). -------------------------------------------------------------------------------- -- GitLab
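Review bot: In the @@ -153,7 +158,7 @@ hunk the corrected path "warden-client/etc/" is fine, but the paragraph still does not say what owner and file mode the key file has once it sits under warden-client/etc/, and the only alternative it offers ends with "this change will force warden-client to be run under root privileges". Suggest stating the expected ownership (the -u user) and a restrictive mode for the key in warden-client/etc/, so that readers are not steered toward running the client as root.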
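Review bot: In the @@ -161,12 +166,12 @@ hunk the configuration-file step now reads "For more information see section below G. Configuration.", which is harder to parse than the line it replaces; suggest "see section G. Configuration below", and the same for the identical sentence added to the Update section. The Usage line also loses its "./" prefix while the Example line keeps "./install.sh"; one sentence saying the script is run from the unpacked package directory would make the two agree.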
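Review bot: In the @@ -176,18 +181,74 @@ hunk, Update step 1 verifies the archive with "sha1sum -c warden-client-1.1.0.tar.gz.sig": a file named .sig that is in fact a SHA1 checksum list only detects corruption unless the README says where a trusted copy of that file comes from, and SHA-1 is no longer collision resistant. Suggest naming the trusted source of the checksum file and moving to SHA-256 or a detached signature. In the same hunk, the "Note:" paragraphs under both usage blocks send the reader to "README file (section Update)" and "(section Uninstallation)", which is the section already being read, and repeat the root requirement stated a few lines earlier; they can be dropped. The context line '-c /etc/ssl/certs/client.pem -a /etc/ssl/certs"' also still carries the stray trailing quote that the previous hunk removed from the Usage line.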
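Review bot: In the @@ -201,17 +262,18 @@ hunk the new placeholder host "mywarden.server.com" sits under server.com, which is a registrable domain; use a reserved documentation name such as warden.example.org so that a copied configuration cannot point at a third party's host. The SSL_KEY_FILE and SSL_CERT_FILE examples are also named after the server in URI, although section C describes the certificate as the client's proof of identity; naming the example files after the client host would avoid suggesting that the server's key belongs on the client.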
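Review bot: In the @@ -248,7 +310,7 @@ hunk, "Function to report one event on the Warden server" should read "report one event to the Warden server"; the preposition "on" is left over from the old "upload one event on" wording.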