Installing vFense Server - Gargravarr2112/vFense GitHub Wiki

Ubuntu 12.0.4 x86_64

  • Install RethinkDB. Instead of the plain apt-get install, run the following if trusty is the OS you are using. Currently we only support RethinkDB 1.16.3.
apt-get install rethinkdb=1.16.3~0trusty

Install Latest Nginx from the Nginx PPA

sudo -s
nginx=stable # use nginx=development for latest development version
add-apt-repository ppa:nginx/$nginx
apt-get update
apt-get install nginx
  • Install the dependencies through apt-get.
sudo apt-get install python-setuptools python-pip python-lxml python-pycurl python-redis python-openssl python-tornado python-beautifulsoup python-roman python-bcrypt python-ipaddr python-tz python-urlgrabber python-netifaces redis-server nginx-extras python-jsonpickle openssh-server python-simplejson patch git build-essential python-dev
  • Install the updated modules through pip.
sudo pip install --upgrade rq requests apscheduler==2.1.2 tornado-redis xlrd roman six tornado python-dateutil rethinkdb==1.16.0-4 demjson beautifulsoup
  • Clone the github repository.
sudo git clone https://github.com/toppatch/vFense -b current /opt/TopPatch
sudo ln -s /opt/TopPatch/tp/src /usr/local/lib/python2.7/dist-packages/vFense
  • Go to Initialize vFense

Initialize vFense

Time to initialize the vFense application. (Warning: this process deletes everything in the database.) See below for more options to initialize_vFense.py.

sudo python /opt/TopPatch/tp/src/scripts/initialize_vFense.py --dnsname=dns_goes_here --password=password 
Rethink is not Running
Rethink instances.d directory removed and cleaned
info: Our machine ID: 1c5e8acc-fdd4-4555-94c2-1c6634e3a958
info: Created directory '/opt/TopPatch/var/rethinkdb/instances.d' and a metadata file inside it.
info: Running rethinkdb 1.11.2-0ubuntu1~lucid (GCC 4.4.3)...
info: Running on Linux 3.8.0-29-generic x86_64
info: Loading data from directory /opt/TopPatch/var/rethinkdb/instances.d
info: Listening for intracluster connections on port 9011
info: Listening for client driver connections on port 9009 
info: Listening for administrative HTTP connections on port 9010
info: Listening on addresses: 127.0.0.1, 127.0.1.1, 10.0.0.16, ::1, fe80::20c:29ff:fe61:e1ac%2 
info: Server ready
Updating CVE's...
Done Updating CVE's... 
Updating Microsoft Security Bulletin Ids... 
Done Updating Microsoft Security Bulletin Ids... 
Updating Ubuntu Security Bulletin Ids...( This can take a couple of minutes ) 
Done Updating Ubuntu Security Bulletin Ids...
Admin user and password = admin:password_goes_here
Agent user and password = agent:jV<Cm:L+
Rethink stopped successfully
vFense environment has been succesfully initialized
info: Server got SIGTERM from pid 22080, uid 0; shutting down...
info: Shutting down client connections...
info: All client connections closed.
info: Shutting down storage engine... (This may take a while if you had a lot of unflushed data in the writeback cache.)
info: Storage engine shut down.
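
The initialization output above shows RethinkDB listening on 10.0.0.16 and a link-local IPv6 address as well as on loopback. As an added example (not part of the vFense project), the script below reads such output and lists each RethinkDB port bound to a non-loopback address so it can be firewalled or rebound. The function names are hypothetical, the sample lines are copied from the output above, and treating every non-loopback address as needing review assumes a single-host deployment.

```sh
#!/bin/sh
# Added example, not vFense code. Function names are hypothetical.
# Constructed sample: listener lines copied from the initialization output above.
SAMPLE_LOG='info: Listening for intracluster connections on port 9011
info: Listening for client driver connections on port 9009
info: Listening for administrative HTTP connections on port 9010
info: Listening on addresses: 127.0.0.1, 127.0.1.1, 10.0.0.16, ::1, fe80::20c:29ff:fe61:e1ac%2
info: Server ready'

# Print "port purpose" for every listener announced on stdin.
rethink_ports() {
  awk '/^info: Listening for .* connections on port [0-9]+/ {
    p = $0; sub(/.* on port /, "", p); sub(/[^0-9].*/, "", p)
    d = $0; sub(/^info: Listening for /, "", d); sub(/ connections on port .*/, "", d)
    print p " " d
  }'
}

# Print every bound address that is not loopback (127.0.0.0/8 or ::1).
exposed_addresses() {
  awk '/^info: Listening on addresses:/ {
    sub(/^info: Listening on addresses: */, "")
    n = split($0, addr, /, */)
    for (i = 1; i <= n; i++) {
      gsub(/[ \t\r]+$/, "", addr[i])
      if (addr[i] != "" && addr[i] !~ /^127\./ && addr[i] != "::1") print addr[i]
    }
  }'
}

# Emit one REVIEW line per exposed address/port pair; return 1 if any exist.
audit_rethink_log() {
  log=$(cat)
  exposed=$(printf '%s\n' "$log" | exposed_addresses)
  if [ -z "$exposed" ]; then return 0; fi
  printf '%s\n' "$log" | rethink_ports | while read -r port purpose; do
    for addr in $exposed; do
      echo "REVIEW $addr port $port ($purpose)"
    done
  done
  return 1
}

# Run against the sample; pipe real initialization output in the same way.
printf '%s\n' "$SAMPLE_LOG" | audit_rethink_log || true
```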

Restart the services that vFense depends on

  1. Start up Nginx: sudo service nginx restart
  2. Start up Redis: sudo service redis-server restart
  3. Start up Rethinkdb: sudo service rethinkdb restart
  4. Start up vFense: sudo python /opt/TopPatch/tp/src/daemon/vFensed start
  5. Go to the agent documentation. Once you have at least 1 agent installed, go to the vFense Web UI at https://ipaddress/

What does initialize_vFense.py do?

  • Creates the TopPatch User
  • Assigns the correct User Permissions
  • Creates the Nginx configuration file in /etc/nginx/sites-available/vFense.conf
  • Assigns the correct SSL certs in /opt/TopPatch/tp/data/ssl/
  • Determines how many listener daemons should be running for Tornado (default: 10)
  • Assigns a password to the admin user (default: create one automatically)
  • Gets the latest CVE/NVD and Ubuntu Security Notices Data

initialize_vFense.py Options

python tp/src/scripts/initialize_vFense.py --help
 
usage: initialize_vFense.py [-h] [--dnsname DNS_NAME] [--ipaddress IP_ADDRESS]
                            [--password ADMIN_PASSWORD]
                            [--listener_count LISTENER_COUNT]
                            [--web_count WEB_COUNT]
                            [--server_cert SERVER_CERT]
                            [--server_key SERVER_KEY] [--cve-data]
                            [--no-cve-data]
 
Initialize vFense Options
 
optional arguments:
  -h, --help            show this help message and exit
  --dnsname DNS_NAME    Pass the DNS Name of the patching Server
  --ipaddress IP_ADDRESS
                        Pass the IP Address of the patching Server
  --password ADMIN_PASSWORD
                        Pass the password to use for the admin User. Default
                        is a random generated password
  --listener_count LISTENER_COUNT
                        The number of vFense_listener daemons to run at once,
                        cannot surpass 40
  --web_count WEB_COUNT
                        The number of vFense_web daemons to run at once,
                        cannot surpass 40
  --server_cert SERVER_CERT
                        ssl certificate to use, default is to use server.crt
  --server_key SERVER_KEY
                        ssl certificate to use, default is to use server.key
  --cve-data            Initialize CVE data. This is the default.
  --no-cve-data         Not to initialize CVE data. This is for testing
                        purposes.