From cded33917014e7008b20ea3eea67da77d8bbc594 Mon Sep 17 00:00:00 2001
From: Jan Soukal <soukal@ics.muni.cz>
Date: Thu, 1 Mar 2012 18:09:44 +0100
Subject: [PATCH] doplneno readme. spellcheck, pre-finalni verze.
---
src/warden-server/doc/README | 151 ++++++++++++++++++-----------------
1 file changed, 78 insertions(+), 73 deletions(-)
diff --git a/src/warden-server/doc/README b/src/warden-server/doc/README
index fa01f25..e752d2f 100644
--- a/src/warden-server/doc/README
+++ b/src/warden-server/doc/README
@@ -7,19 +7,17 @@ Content
A. Overall Information
B. Installation Dependencies
C. Installation
- D. Configuration
- E. Init Scripts
- F. Registration of Clients
- G. Status Info
- H. Nagios Integration
- I. Authors
+ D. Miscellaneous
+ E. Registration of Clients
+ F. Status Info
+ G. Authors
--------------------------------------------------------------------------------
A. Overall Information
1. About Warden System
- Warden is a client-based architecture service designed to share detected
+ Warden is a client-server architecture service designed to share detected
security issues (events) among CSIRT and CERT teams in a simple and fast way.
This package offers full server functionality to both install and maintain
@@ -33,7 +31,8 @@ A. Overall Information
warden-server/
bin/
- getClients.pl
+ create_tables.sh
+ getClients.pl
getStatus.pl
registerReceiver.pl
registerSender.pl
@@ -49,19 +48,19 @@ A. Overall Information
etc/
warden-client.conf
warden-server.conf
+ package_version
lib/
WardenConf.pm
WardenReg.pm
WardenStatus.pm
- sh/
- create_table
- install
- update
+ var/
+ warden.db
+ uninstall.sh
--------------------------------------------------------------------------------
B. Installation Dependencies
- 1. Aplications:
+ 1. Applications:
Perl >= 5.10.1
SQLite >= 3.7.3
@@ -87,13 +86,13 @@ B. Installation Dependencies
--------------------------------------------------------------------------------
C. Installation
- 1. Check SHA1 checksum of corresponding Warden client package archive
+ 1. Check SHA1 checksum of corresponding Warden server package archive
- $ sha1sum -c warden-server-1.0.0.tar.gz.sig
+ $ sha1sum -c warden-server-0.1.0.tar.gz.sig
2. Untar it
- $ tar xzvf warden-server-1.0.0.tar.gz
+ $ tar xzvf warden-server-0.1.0.tar.gz
3. Run install.sh
@@ -103,12 +102,10 @@ C. Installation
You must be root for running this script.
- 4. /*TODO*/Zkontrolovat Installation Privileges
-
5. Configuration files
You are advised to check configuration file warden-server.conf and
- warden-client.cong in warden-server/etc directory after installation.
+ warden-client.conf in warden-server/etc/ directory after installation.
Although this is the Warden server package it also contains several
functions (administrators and maintain) that are strictly client-side in
@@ -127,13 +124,13 @@ C. Installation
a] warden-client.conf:
URI - URI Warden server
- e.g. 'https://warden-dev.cesnet.cz:443/Warden'
+ e.g. 'https://warden.server.com:443/Warden'
SSL_KEY_FILE - path to a host key file,
- e.g. '/opt/warden-servere/warden-dev.cesnet.cz.key'
+ e.g. '/etc/ssl/private/warden.server.com.key'
SSL_CERT_FILE - path to a host certificate file,
- e.g. '/opt/warden-server/etc/warden-dev.cesnet.cz.pem'
+ e.g. '/etc/ssl/certs/warden.server.com.pem'
SSL_CA_FILE - path to a CA file
e.g. '/etc/ssl/certs/tcs-ca-bundle.pem'
@@ -143,7 +140,7 @@ C. Installation
The Warden server configuration file contains:
ADDRESS - IP address/domain name of the Warden server
- e.g. warden-dev.cesnet.cz
+ e.g. warden.server.com
PORT - used TCP port for the Warden server
e.g. 443
@@ -161,10 +158,10 @@ C. Installation
e.g. /var/run/
SSL_KEY_FILE - path to the server SSL certificate key file
- e.g. /etc/ssl/private/warden-dev.cesnet.cz.key
+ e.g. /etc/ssl/private/warden.server.com.key
SSL_CERT_FILE - path to the server SSL certificate file
- e.g. /etc/ssl/certs/warden-dev.cesnet.cz.pem
+ e.g. /etc/ssl/certs/warden.server.com.pem
SSL_CA_FILE - path to a CA certificate file
e.g. /etc/ssl/certs/tcs-ca-bundle.pem
@@ -174,55 +171,70 @@ C. Installation
6. Usage of install.sh
- Usage: $ ./install.sh [-d <directory>] [-u <user>] [-k <ssl_key_file>]
+ Usage: $ ./install.sh [-d <directory>] [-k <ssl_key_file>]
[-c <ssl_cert_file>] [-a <ssl_ca_file>] [-hV]"
-d <directory> installation directory (default: /opt)
- -u <user> owner of warden client package (user for
- running detection scripts)
-k <ssl_key_file> SSL certificate key file path
-c <ssl_cert_file> SSL certificate file path
-a <ssl_ca_file> CA certificate file path
-h print this help
-V print script version number and exit
- Example: $ ./install.sh -d /opt -u detector -k /etc/ssl/private/client.key
-
---------------------------------------------------------------------------------
-D. Configuration
+ Example: $ ./install.sh -d /opt -k /etc/ssl/private/server.key
+ -c /etc/ssl/certs/server.pem
+ -a /etc/ssl/certs/bundle.pem
+
+ 7. Usage of uninstall.sh
- /*TODO*/Doplnit konfiguraci (warden.conf) - mozna to v klientske verzi
- zasahuje do predchozi sekce, zkontrolovat.
+ Usage: $ ./uninstall.sh [-d <directory>] [-hV]
+ -d <directory> uninstallation directory (default: /opt)
+ -h print this help
+ -V print script version number and exit
--------------------------------------------------------------------------------
-E. Init Scripts
+ Example: # ./uninstall.sh -d /opt
+
+--------------------------------------------------------------------------------
+D. Miscellaneous
- /*TODO*/Doplnit init scripty
+ 1. Error Messages
+
+ Error messages of the server functions are sent via Syslog to log file, in
+ default to /var/log/messages.
- 1. Start
+ During installation when Syslog reporting is not initiated yet, error
+ messages may be reported to the standard error output instead.
- /*TODO*/Doplnit...
+ 2. Init Script
- 2. Stop
+ Usage: /etc/init.d/wardend [start|stop|status|restart|force-stop]
- /*TODO*/Doplnit...
+ The PID of the Warden server process is stored in
+ /var/run/warden-server.pl.pid.
- 3. Restart
+ The lock file is placed in /var/lock/warden-server.
- /*TODO*/Doplnit...
+ To start the Warden server after rebooting set init script
+ /etc/init.d/wardend into runlevels configuration system.
- 4. Status
+ 3. Nagios Integration
- /*TODO*/Doplnit...
+ Nagios control is available via Nagios plugin located in
+ /opt/warden-server/bin/warden-alive.
- 5. Force-stop
+ 4. Firewall
+
+ Make sure to allow TCP port listed in warden-server.conf ($PORT variable)
+ on your firewall.
- /*TODO*/Doplnit...
+ 5. Privileges
+
+ The Warden server runs only under root privileges.
--------------------------------------------------------------------------------
-F. Registration of Clients
+E. Registration of Clients
The Warden server administrator is responsible for registering new clients or
- removing those already registered. Both registration or unregistreation scripts
+ removing those already registered. Both registration or unregistration scripts
are provided in the Warden server package. Those scripts should be run from
localhost (the same machine the Warden server is installed and running on) as
they are meant to be administrator functions that are included in the Warden
@@ -235,8 +247,7 @@ F. Registration of Clients
1. Register Sender
- New sender clients are registered in Warden system via
- warden-server/bin/registerSender.pl.
+ New sender clients are registered in Warden system via registerSender.pl.
Following attributes must be provided in order to register new client
successfully:
@@ -252,8 +263,8 @@ F. Registration of Clients
2. Register Receiver
- New receiver clients are registered in Warden system via
- warden-server/bin/registerReceiver.pl.
+ New receiver clients are registered in Warden system via
+ registerReceiver.pl.
Following attributes must be provided in order to register new client
successfully:
@@ -269,11 +280,10 @@ F. Registration of Clients
One can always run registerReceiver.pl with -h argument to see a help.
-
3. Unregister Client
- In the Warden system, already register clients can be removed (unregistered)
- via warden-server/bin/unregisterClient.pl.
+ In the Warden system, already registered clients can be removed
+ (unregistered) via unregisterClient.pl.
Following attribute must be provided in order to unregister existing client
successfully:
@@ -282,10 +292,15 @@ F. Registration of Clients
One can always run unregisterClient.pl with -h argument to see a help.
+ Process of unregistration deletes this client from clients table in DB.
+ On the other hand, all messages stored by this client (considering "sender"
+ client) are not deleted, they are merely set 'invalid' in DB table events.
+ To be more specific: attribute "valid" in events table is set to 'f' (false).
+
--------------------------------------------------------------------------------
-G. Status Info
+F. Status Info
- Functions in this sections shows status of active (registered) clients or
+ Functions in this section show status of active (registered) clients or
the Warden server itself to the Warden system administrator.
Similarly to the previous section, these functions should be run from
@@ -295,24 +310,16 @@ G. Status Info
1. Get Status
- Function getStatus is accessible via warden-server/bin/getStatus.pl Perl
- script. Function has no input parameters and returns precise info about
- the Warden server/db status.
+ Function getStatus is accessible via getStatus.pl. Function has no input
+ parameters and returns precise info about the Warden server/db status.
2. Get Clients
- Function getClients is accessible via warden-server/bin/getClients.pl Perl
- script. Function has no input parametres and returns detailed information
- about registered or unregistered clients.
-
---------------------------------------------------------------------------------
-H. Nagios Integration
-
- Nagios controll is available via Nagios plugin located in
- /opt/warden-server/bin/warden-alive.
+ Function getClients is accessible via getClients.pl. Function has no input
+ parameters and returns detailed information about all registered clients.
--------------------------------------------------------------------------------
-I. Authors
+G. Authors
Development: Tomas PLESNIK <plesnik@ics.muni.cz>
Jan SOUKAL <soukal@ics.muni.cz>
@@ -321,5 +328,3 @@ Copyright (C) 2012 Cesnet z.s.p.o
Special thanks go to Martin Drasar from CSIRT-MU for his help and support
in the development of Warden system.
-
-
--
GitLab