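# Build image for the passiveforensics / Packetpig tooling: CDH3 Hadoop + Pig,
# Snort 2.9.3.1 with DAQ, p0f 3.06b, libdnet, glib 2.2.3 and pynids, all built
# from source on Ubuntu 12.04 (precise).
#
# The original file mixed Dockerfile instructions (FROM, MAINTAINER, ENV) with
# bare shell lines, so it was neither a valid Dockerfile nor a runnable script.
# Every shell step is now a RUN instruction, and steps inside a RUN are
# &&-chained (the original libdnet block used ';', which let a failed download
# or build be silently skipped).
FROM ubuntu:precise
LABEL maintainer="Aslan Varoqua <aslan.varoqua@duasamericasgroup.com>"

# pipefail so that a failing producer in a pipeline (e.g. the key download
# below) fails the build instead of being masked by the consumer's exit code.
SHELL ["/bin/bash", "-o", "pipefail", "-c"]

# Enable the "universe" component and refresh the index before the first
# install: the base image ships with an empty package index, so the original
# `apt-get install curl wget` (run before any `apt-get update`) could not
# resolve the packages.
RUN echo "deb http://us.archive.ubuntu.com/ubuntu/ precise universe" >> /etc/apt/sources.list && \
    echo "deb http://us.archive.ubuntu.com/ubuntu/ precise-updates universe" >> /etc/apt/sources.list && \
    apt-get update && \
    apt-get install -y curl wget && \
    rm -rf /var/lib/apt/lists/*

# Cloudera CDH3 repository (hadoop-0.20, hadoop-pig). The signing key is
# imported before the index is refreshed so the CDH packages are verified by
# apt. The original `--force-yes` (which waives apt's authentication checks)
# is deliberately not used; if the install fails with "unauthenticated
# packages", the key import is what to fix, not the flag.
# NOTE(review): the key itself is fetched over plain HTTP. Compare its
# fingerprint against the one published by Cloudera (<fingerprint-placeholder>)
# before trusting a build of this image.
RUN curl -fsS http://archive.cloudera.com/debian/archive.key | apt-key add - && \
    echo "deb http://archive.cloudera.com/debian maverick-cdh3 contrib" > /etc/apt/sources.list.d/cloudera.list && \
    echo "deb-src http://archive.cloudera.com/debian maverick-cdh3 contrib" >> /etc/apt/sources.list.d/cloudera.list && \
    apt-get update && \
    apt-get install -y \
        bison \
        build-essential \
        flex \
        gettext \
        git-core \
        hadoop-0.20 \
        hadoop-pig \
        ipython \
        libmagic-dev \
        libnet1-dev \
        libnids-dev \
        libnids1.21 \
        libpcap0.8 \
        libpcap0.8-dev \
        libpcre3 \
        libpcre3-dev \
        openjdk-6-jdk \
        pkg-config \
        python-pip \
        python2.7-dev \
    && rm -rf /var/lib/apt/lists/*

# NOTE(review): unpinned; whatever PyPI serves at build time ends up in the
# image. Pin exact versions (pkg==x.y.z) for a reproducible build.
RUN pip install python-magic argparse

# All source builds below happen under /src.
WORKDIR /src

# libdnet 1.12. The original author already noted the Google Code link is
# broken (googlecode.com file hosting no longer exists), so this step needs a
# mirror. The copy of libdnet.1.0.1 to libdnet.so.1.0.1 works around the
# library being installed without the .so suffix the loader looks for.
# NOTE(review): plain-HTTP download with no checksum verification; the same
# applies to the DAQ, Snort, glib, p0f and pynids tarballs below.
RUN wget http://libdnet.googlecode.com/files/libdnet-1.12.tgz && \
    tar -zxvf libdnet-1.12.tgz && \
    cd libdnet-1.12/ && \
    ./configure && make && make install && \
    cp /usr/local/lib/libdnet.1.0.1 /usr/local/lib/libdnet.so.1.0.1 && \
    ldconfig

# DAQ 1.1.1 (Snort's data-acquisition library). "1850" is snort.org's opaque
# download id; the archive unpacks to daq-1.1.1/.
RUN wget http://www.snort.org/downloads/1850 && \
    tar -zxvf 1850 && \
    cd daq-1.1.1/ && \
    ./configure && make && make install

# Snort 2.9.3.1 ("1862" is the snort.org download id), installed under
# /usr/local/snort with symlinks so the binary, config, log directory and
# dynamic modules are found in their conventional locations. Snort gets its
# own unprivileged user and owns its install tree.
RUN wget http://www.snort.org/downloads/1862 && \
    tar -zxvf 1862 && \
    cd snort-2.9.3.1/ && \
    ./configure --prefix /usr/local/snort --enable-ipv6 --enable-gre --enable-mpls --enable-targetbased --enable-ppm --enable-perfprofiling --enable-zlib --enable-reload && make && make install && \
    groupadd snort && useradd -g snort snort && ln -s /usr/local/snort/bin/snort /usr/sbin/ && ln -s /usr/local/snort/etc /etc/snort && \
    mkdir -p /usr/local/snort/var/log && chown snort:snort /usr/local/snort/var/log && ln -s /usr/local/snort/var/log /var/log/snort && \
    ln -s /usr/local/snort/lib/snort_dynamicpreprocessor /usr/local/lib/snort_dynamicpreprocessor && \
    ln -s /usr/local/snort/lib/snort_dynamicengine /usr/local/lib/snort_dynamicengine && \
    mkdir /usr/local/snort/lib/snort_dynamicrules && ln -s /usr/local/snort/lib/snort_dynamicrules /usr/local/lib/snort_dynamicrules && \
    chown -R snort:snort /usr/local/snort && ldconfig

# glib 2.2.3 from the GTK FTP archive (unauthenticated transport, no checksum).
RUN wget ftp://ftp.gtk.org/pub/gtk/v2.2/glib-2.2.3.tar.bz2 && bunzip2 glib-2.2.3.tar.bz2 && tar -xvf glib-2.2.3.tar && \
    cd glib-2.2.3 && ./configure && make && make install

# p0f 3.06b. The sed rewrites the fingerprint database path compiled into
# config.h so the binary reads /etc/p0f/p0f.fp, which is populated here.
RUN wget http://lcamtuf.coredump.cx/p0f3/releases/p0f-3.06b.tgz && \
    tar -zxvf p0f-3.06b.tgz && cd p0f-3.06b/ && sed -i "s/p0f.fp/\/etc\/p0f\/p0f.fp/g" config.h && make && cp p0f /usr/local/bin && mkdir /etc/p0f && \
    cp p0f.fp /etc/p0f/

# pynids 0.6.1 for 64-bit: builds the bundled libnids 1.24 as a static,
# position-independent library (CFLAGS=-fPIC --disable-shared) so the Python
# extension links against it, then installs the extension.
RUN wget http://jon.oberheide.org/pynids/downloads/pynids-0.6.1.tar.gz && \
    tar -zxvf pynids-0.6.1.tar.gz && cd pynids-0.6.1 && tar -zxvf libnids-1.24.tar.gz && cd libnids-1.24/ && \
    ./configure CFLAGS=-fPIC --disable-libglib --disable-libnet --disable-shared && make && make install && \
    cd .. && python setup.py build && python setup.py install

# Java environment for Hadoop/Pig. The 64-bit openjdk-6 path is used; the
# non-arch path (/usr/lib/jvm/java-6-openjdk/) was the earlier, now unused,
# value. PPD points at the passiveforensics checkout made below.
ENV JAVA_HOME=/usr/lib/jvm/java-6-openjdk-amd64/ \
    PPD=/src/passiveforensics/

# Clone passiveforensics BEFORE installing its scripts: the copies below read
# from /src/passiveforensics, which in the original order was only created by
# the clone at the very end, so every cp would have failed.
# NOTE(review): the clone is unpinned (default branch HEAD), so the image
# content depends on upstream state at build time; pin a commit for a
# reproducible, reviewable build.
RUN git clone https://github.com/packetloop/passiveforensics.git

# Install the executables under the names the tooling expects.
# The mode change is `+x` (grant execute): the original `chmod -X` removes the
# execute bit from files that had it, which is the opposite of what the
# "executables" comment describes.
RUN cp /src/passiveforensics/install /usr/local/bin/dp_recovery && \
    cp /src/passiveforensics/dprinter /usr/local/bin/dprinter5 && \
    cp /src/passiveforensics/dprinter_key /usr/local/bin/dprinter10 && \
    cp /src/passiveforensics/dprinter /usr/local/bin/dprinter15 && \
    cp /src/passiveforensics/dprinter /usr/local/bin/dprinter20 && \
    cp /src/passiveforensics/dprinter /usr/local/bin/dprinter25 && \
    cp /src/passiveforensics/dprinter /usr/local/bin/dprinter30 && \
    cp /src/passiveforensics/dprinter /usr/local/bin/dp5 && \
    cp /src/passiveforensics/dprinter /usr/local/bin/dp10 && \
    cp /src/passiveforensics/dprinter /usr/local/bin/dp15 && \
    cp /src/passiveforensics/dprinter /usr/local/bin/dp20 && \
    cp /src/passiveforensics/dprinter /usr/local/bin/dp25 && \
    chmod +x /usr/local/bin/dp*

# Smoke-run the Packetpig examples against the bundled sample capture. The
# interactive pagers (`| less`, `more`) from the original are dropped: there is
# no TTY during a build, and piping through a pager hid the scripts' exit
# status from the build.
RUN cd /src/passiveforensics && \
    lib/scripts/tcp.py -r data/web.pcap -om http_headers -of tsv && \
    lib/scripts/dns_parser.py -r data/web.pcap && mkdir out && \
    pig -x local -f pig/examples/binning.pig -param pcap=data/web.pcap -param output=output && cat output/binning/part-r-00000

# NOTE(review): no USER or ENTRYPOINT is defined, so containers from this image
# start as root. Snort/p0f packet capture needs raw-socket privileges, but the
# Hadoop/Pig and Python tooling does not; once a default process is chosen,
# run it under a dedicated non-root USER.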