diff --git a/src/warden-server/doc/README b/src/warden-server/doc/README index e752d2f13d09b0e478084e03f326e2e5c998f0eb..77e98a8c5cd129caf772b0c80f85dbe8515f14c3 100644 --- a/src/warden-server/doc/README +++ b/src/warden-server/doc/README @@ -18,10 +18,9 @@ A. Overall Information 1. About Warden System Warden is a client-server architecture service designed to share detected - security issues (events) among CSIRT and CERT teams in a simple and fast way. + security events (issues) among CSIRT and CERT teams in a simple and fast way. - This package offers full server functionality to both install and maintain - the Warden server and to register and/or unregister particular clients. + This package contains the Warden server. 2. Version @@ -86,15 +85,15 @@ B. Installation Dependencies -------------------------------------------------------------------------------- C. Installation - 1. Check SHA1 checksum of corresponding Warden server package archive + 1. Check SHA1 checksum of the Warden server package archive. $ sha1sum -c warden-server-0.1.0.tar.gz.sig - 2. Untar it + 2. Untar it. $ tar xzvf warden-server-0.1.0.tar.gz - 3. Run install.sh + 3. Run install.sh. Default destination directory is /opt/warden-server/ 
@@ -102,16 +101,16 @@ C. Installation You must be root for running this script. - 5. Configuration files + 4. Configuration files You are advised to check configuration file warden-server.conf and warden-client.conf in warden-server/etc/ directory after installation. Although this is the Warden server package it also contains several - functions (administrators and maintain) that are strictly client-side in - a way the Warden system handles functions. Therefore you have to check both - server and client config files to make sure your installation of the Warden - server was successful and complete. + functions (for administration and maintenance) that are strictly + client-side in a way the Warden system handles functions. Therefore you have + to check both server and client config files to make sure your installation + of the Warden server was successful and complete. SOAP protocol is used for handling communication between server and clients. Therefore, correct URI of Warden server must be set. @@ -121,7 +120,7 @@ C. Installation Configuration files contain following parameters: - a] warden-client.conf: + a) warden-client.conf: URI - URI Warden server e.g. 'https://warden.server.com:443/Warden' @@ -135,7 +134,7 @@ C. Installation SSL_CA_FILE - path to a CA file e.g. '/etc/ssl/certs/tcs-ca-bundle.pem' - b] warden-server.conf + b) warden-server.conf The Warden server configuration file contains: @@ -154,7 +153,7 @@ C. Installation LOGDIR - logging directory e.g. /var/log/ - PIDDIR - process ID directory + PIDDIR - Process ID directory e.g. /var/run/ SSL_KEY_FILE - path to the server SSL certificate key file @@ -169,7 +168,7 @@ C. Installation FACILITY - syslog facility e.g. local7 - 6. Usage of install.sh + 5. Usage of install.sh Usage: $ ./install.sh [-d <directory>] [-k <ssl_key_file>] [-c <ssl_cert_file>] [-a <ssl_ca_file>] [-hV]" 
@@ -184,7 +183,7 @@ C. Installation -c /etc/ssl/certs/server.pem -a /etc/ssl/certs/bundle.pem - 7. Usage of uninstall.sh + 6. Usage of uninstall.sh Usage: $ ./uninstall.sh [-d <directory>] [-hV] -d <directory> uninstallation directory (default: /opt) @@ -198,10 +197,10 @@ D. Miscellaneous 1. Error Messages - Error messages of the server functions are sent via Syslog to log file, in - default to /var/log/messages. + Error messages of the server functions are sent via Syslog to log file, + default is /var/log/messages. - During installation when Syslog reporting is not initiated yet, error + During installation, until Syslog reporting is initiated, error messages may be reported to the standard error output instead. 2. Init Script 
@@ -213,32 +212,35 @@ D. Miscellaneous The lock file is placed in /var/lock/warden-server. - To start the Warden server after rebooting set init script - /etc/init.d/wardend into runlevels configuration system. + To start the Warden server after rebooting, set init script + /etc/init.d/wardend to runlevels configuration system. 3. Nagios Integration - Nagios control is available via Nagios plugin located in + Nagios check is available via Nagios plugin located in /opt/warden-server/bin/warden-alive. - 4. Firewall + 4. Firewall Settings - Make sure to allow TCP port listed in warden-server.conf ($PORT variable) - on your firewall. + Make sure that the TCP port listed in warden-server.conf ($PORT variable) + is allowed on your firewall. 5. Privileges The Warden server runs only under root privileges. + 6. Known Issues + + Benchmarking of the Warden system showed that the system is capable of + sending/receiving about 4 events per second. + -------------------------------------------------------------------------------- E. Registration of Clients The Warden server administrator is responsible for registering new clients or removing those already registered. Both registration or unregistration scripts are provided in the Warden server package. Those scripts should be run from - localhost (the same machine the Warden server is installed and running on) as - they are meant to be administrator functions that are included in the Warden - server package only. + localhost (the same machine the Warden server is installed and running on). Members of Warden community who would like to have their client registered must contact the Warden server administrator with the requirement. This is usually 
@@ -259,7 +261,7 @@ E. Registration of Clients description_tags - tags describing the nature of the service, ip_net_client - CIDR the client is only allowed to communicate from. - One can always run registerSender.pl with -h argument to see a help. + One can run registerSender.pl with -h argument to see a help. 2. Register Receiver @@ -273,12 +275,12 @@ E. Registration of Clients requestor - organization or authorized person who demands new client registration, type - the type of events the client wish to receive (only - this and nothing else) + this and nothing else), receive_own_events - boolean value describing if events originating from - the same CIDR will be sent to the client. + the same CIDR will be sent to the client, ip_net_client - CIDR the client is only allowed to communicate from. - One can always run registerReceiver.pl with -h argument to see a help. + One can run registerReceiver.pl with -h argument to see a help. 3. Unregister Client 
@@ -290,28 +292,26 @@ E. Registration of Clients client_id - ID of the client that should be removed (unregistered). - One can always run unregisterClient.pl with -h argument to see a help. + One can run unregisterClient.pl with -h argument to see a help. - Process of unregistration deletes this client from clients table in DB. - On the other hand, all messages stored by this client (considering "sender" - client) are not deleted, they are merely set 'invalid' in DB table events. - To be more specific: attribute "valid" in events table is set to 'f' (false). + The process of unregistration deletes this client from clients table in DB. + But all messages stored by this client (considering "sender" client) are not + deleted, they are merely set 'invalid' in DB table events. -------------------------------------------------------------------------------- F. Status Info - Functions in this section show status of active (registered) clients or - the Warden server itself to the Warden system administrator. + Functions in this section show status of the Warden server and active + (registered) clients to the Warden system administrator. - Similarly to the previous section, these functions should be run from + Similarly to (un)registration, these functions should be run from localhost (e. g. from the same machine the Warden server is installed and - running on) as they are meant to be administrator functions that are included - in the Warden server package only. + running on). 1. Get Status Function getStatus is accessible via getStatus.pl. Function has no input - parameters and returns precise info about the Warden server/db status. + parameters and returns info about the Warden server and its DB status. 2. Get Clients 
@@ -324,7 +324,7 @@ G. Authors Development: Tomas PLESNIK <plesnik@ics.muni.cz> Jan SOUKAL <soukal@ics.muni.cz> -Copyright (C) 2012 Cesnet z.s.p.o +Copyright (C) 2011-2012 Cesnet z.s.p.o Special thanks go to Martin Drasar from CSIRT-MU for his help and support in the development of Warden system.
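Review bot: in the @@ -18,10 +18,9 @@ hunk, the new sentence "This package contains the Warden server." drops any mention of client registration and unregistration, yet section E (context of the @@ -213,32 +212,35 @@ hunk) still says both scripts "are provided in the Warden server package". Suggest keeping a short clause, e.g. "This package contains the Warden server and the scripts for registering and unregistering clients."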
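Review bot: step 1 in the @@ -86,15 +85,15 @@ hunk is reworded, but the command under it still passes warden-server-0.1.0.tar.gz.sig to sha1sum -c, and the README does not say what that file contains or where to get it. sha1sum -c expects a checksum list, so either name the file accordingly or state that the .sig file is in sha1sum format. A SHA1 checksum obtained from the same place as the archive only detects corruption; if the project publishes a real signature for the archive, this step should document verifying that.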
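Review bot: in the @@ -154,7 +153,7 @@ hunk, "PIDDIR - Process ID directory" is now capitalised while the neighbouring "LOGDIR - logging directory" and "FACILITY - syslog facility" descriptions stay lowercase. Keep the lowercase form so the parameter list reads consistently.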
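Review bot: in section E of the @@ -213,32 +212,35 @@ hunk, deleting "as they are meant to be administrator functions ..." leaves "should be run from localhost" with no reason and no statement of whether the server enforces it. Since these scripts register and remove clients, say explicitly whether invocation from another host is rejected or only discouraged. The new "6. Known Issues" figure of about 4 events per second would also be more useful with the benchmark conditions stated (hardware, event size, number of clients).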
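Review bot: the reworded help line in the @@ -259,7 +261,7 @@ hunk keeps the ungrammatical "to see a help"; since the line is being touched anyway, use "to see help" or "to see the help text". The same applies to the registerReceiver.pl and unregisterClient.pl lines in the two hunks that follow.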
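Review bot: in the @@ -290,28 +292,26 @@ hunk, removing the sentence that attribute "valid" in the events table is set to 'f' takes away the one detail an administrator needs to find or filter the events of an unregistered sender in the DB. Suggest keeping it in shortened form, e.g. "(attribute valid in table events is set to 'f')". The replacement text also has a comma splice at "are not deleted, they are merely set"; "are not deleted; they are merely marked" reads better.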