TravisFSmith / SweetSecurity

Network Security Monitoring on Raspberry Pi type devices
Apache License 2.0

sweet security troubles #1

Closed jinverar closed 7 years ago

jinverar commented 8 years ago

Good day. I am having trouble with your SweetSecurity.sh script. Below is the output. I have installed node 4.X myself and I have chmoded +x all files related and still rx the output below. I have run the script twice now, and each time the script runs for about 4 hours. Please advise before my next attempt.

(Reading database ... 128540 files and directories currently installed.)
Preparing to unpack node_latest_armhf.deb ...
Unpacking node (4.2.1-1) ...
Setting up node (4.2.1-1) ...
Processing triggers for man-db (2.7.0.2-5) ...
cp: cannot stat ‘SweetSecurity/init.d/kibana’: No such file or directory
chmod: cannot access ‘/etc/init.d/kibana’: No such file or directory
update-rc.d: error: initscript does not exist: /etc/init.d/kibana
mkdir: cannot create directory ‘/opt/SweetSecurity’: File exists
cp: cannot stat ‘SweetSecurity/pullMaliciousIP.py’: No such file or directory
cp: cannot stat ‘SweetSecurity/pullTorIP.py’: No such file or directory
python: can't open file '/opt/SweetSecurity/pullTorIP.py': [Errno 2] No such file or directory
python: can't open file '/opt/SweetSecurity/pullMaliciousIP.py': [Errno 2] No such file or directory
cp: cannot stat ‘SweetSecurity/networkDiscovery.py’: No such file or directory
cp: cannot stat ‘SweetSecurity/SweetSecurityDB.py’: No such file or directory
sed: can't read /opt/SweetSecurity/networkDiscovery.py: No such file or directory
sed: can't read /opt/SweetSecurity/networkDiscovery.py: No such file or directory
sed: can't read /opt/SweetSecurity/networkDiscovery.py: No such file or directory
sed: can't read /opt/SweetSecurity/networkDiscovery.py: No such file or directory
root@raspberrypi:/home/pi/Downloads/SweetSecurity# cd SweetSecurity/in init.d/ installOpenVas.sh
root@raspberrypi:/home/pi/Downloads/SweetSecurity# cd SweetSecurity/init.d/
root@raspberrypi:/home/pi/Downloads/SweetSecurity/SweetSecurity/init.d# ls
kibana logstash
root@raspberrypi:/home/pi/Downloads/SweetSecurity/SweetSecurity/init.d# chmod +x kibana
root@raspberrypi:/home/pi/Downloads/SweetSecurity/SweetSecurity/init.d# ./kibana
./kibana: 20: .: Can't open /etc/init.d/functions
root@raspberrypi:/home/pi/Downloads/SweetSecurity/SweetSecurity/init.d# ls -la

jinverar commented 8 years ago

Above that, it looks like it had a problem with line 66.

2016-03-01 01:56:00 (3.81 MB/s) - ‘logstash-1.5.3.tar.gz’ saved [91914390/91914390]

^[[C^[[C^[[C./SweetSecurity.sh: line 66: cd: jffi: No such file or directory
Buildfile: build.xml does not exist!
Build failed
cp: cannot stat ‘build/jni/libjffi-1.2.so’: No such file or directory
zip warning: jruby-complete-1.7.11.jar not found or empty
adding: jni/arm-Linux/libjffi-1.2.so (deflated 63%)
cp: cannot stat ‘SweetSecurity/init.d/logstash’: No such file or directory
chmod: cannot access ‘/etc/init.d/logstash’: No such file or directory
update-rc.d: error: initscript does not exist: /etc/init.d/logstash

TravisFSmith commented 8 years ago

Looks like line 65 was commented out for some previous testing. That was cloning the JFFI repo. You should be good to go now.

jinverar commented 8 years ago

OK, I will try this again shortly. Thank you, it looks great. Should I re-fork the repo? I am interested in helping with this also.

meiguoren commented 7 years ago

Let me know if this should be a new issue or not. I'm getting the errors below and I'm not sure how to proceed. Apologies, I'm also a noob in general. In addition, my wlan0 keeps dropping out after the script runs. I'm assuming there's nothing in the script that is supposed to make that happen, right?

Processing triggers for libc-bin (2.19-18+deb8u2) ...
Installing Bro
--2016-10-27 00:48:08-- https://www.bro.org/downloads/release/bro-2.4.1.tar.gz
Resolving www.bro.org (www.bro.org)... failed: Name or service not known.
wget: unable to resolve host address ‘www.bro.org’
tar (child): bro-2.4.1.tar.gz: Cannot open: No such file or directory
tar (child): Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error is not recoverable: exiting now
mkdir: cannot create directory ‘/opt/nsm’: File exists
mkdir: cannot create directory ‘/opt/nsm/bro’: File exists
./SweetSecurity.sh: line 32: cd: bro-2.4.1: No such file or directory
sudo: ./configure: command not found
make: * No targets specified and no makefile found. Stop.
make: * No rule to make target 'install'. Stop.
rm: cannot remove ‘bro-2.4.1.tar.gz’: No such file or directory
Installing Critical Stack Agent
--2016-10-27 00:48:11-- https://intel.criticalstack.com/client/critical-stack-intel-arm.deb
Resolving intel.criticalstack.com (intel.criticalstack.com)... failed: Name or service not known.
wget: unable to resolve host address ‘intel.criticalstack.com’
dpkg: error processing archive critical-stack-intel-arm.deb (--install):
 cannot access archive: No such file or directory
Errors were encountered while processing:
 critical-stack-intel-arm.deb
sudo: unknown user: critical-stack
sudo: unable to initialize policy plugin
rm: cannot remove ‘critical-stack-intel-arm.deb’: No such file or directory
Installing Elastic Search
--2016-10-27 00:48:13-- https://download.elastic.co/elasticsearch/elasticsearch/elasticsearch-2.3.2.deb
Resolving download.elastic.co (download.elastic.co)... failed: Name or service not known.
wget: unable to resolve host address ‘download.elastic.co’
dpkg: error processing archive elasticsearch-2.3.2.deb (--install):
 cannot access archive: No such file or directory
Errors were encountered while processing:
 elasticsearch-2.3.2.deb
rm: cannot remove ‘elasticsearch-2.3.2.deb’: No such file or directory
update-rc.d: error: initscript does not exist: /etc/init.d/elasticsearch
Installing Logstash
--2016-10-27 00:48:15-- https://download.elastic.co/logstash/logstash/packages/debian/logstash_2.3.2-1_all.deb
Resolving download.elastic.co (download.elastic.co)... failed: Name or service not known.
wget: unable to resolve host address ‘download.elastic.co’
dpkg: error processing archive logstash_2.3.2-1_all.deb (--install):
 cannot access archive: No such file or directory
Errors were encountered while processing:
 logstash_2.3.2-1_all.deb
rm: cannot remove ‘logstash_2.3.2-1_all.deb’: No such file or directory
Cloning into 'jffi'...
fatal: unable to access 'https://github.com/jnr/jffi.git/': Could not resolve host: github.com
./SweetSecurity.sh: line 65: cd: jffi: No such file or directory
Buildfile: build.xml does not exist!
Build failed
cp: cannot stat ‘build/jni/libjffi-1.2.so’: No such file or directory
./SweetSecurity.sh: line 68: cd: /opt/logstash/vendor/jruby/lib: No such file or directory
zip warning: jruby-complete-1.7.11.jar not found or empty
zip warning: name not matched: jni/arm-Linux/libjffi-1.2.so

zip error: Nothing to do! (jruby-complete-1.7.11.jar)
update-rc.d: error: initscript does not exist: /etc/init.d/logstash
sudo: /opt/logstash/bin/plugin: command not found
cp: cannot create regular file ‘/etc/logstash/conf.d’: No such file or directory
mkdir: cannot create directory ‘/etc/logstash/custom_patterns’: No such file or directory
cp: cannot create regular file ‘/etc/logstash/custom_patterns’: No such file or directory
mkdir: cannot create directory ‘/etc/logstash/translate’: No such file or directory
Installing Kibana
--2016-10-27 00:48:25-- https://download.elastic.co/kibana/kibana/kibana-4.5.0-linux-x86.tar.gz
Resolving download.elastic.co (download.elastic.co)... failed: Name or service not known.
wget: unable to resolve host address ‘download.elastic.co’
tar (child): kibana-4.5.0-linux-x86.tar.gz: Cannot open: No such file or directory
tar (child): Error is not recoverable: exiting now
tar: Child returned status 2
tar: Error is not recoverable: exiting now
mv: cannot stat ‘kibana-4.5.0-linux-x86/’: No such file or directory
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package 'nodejs' is not installed, so not removed
Package 'nodejs-legacy' is not installed, so not removed
Package 'nodered' is not installed, so not removed
The following packages were automatically installed and are no longer required:
 libc-ares2 libv8-3.14.5
Use 'apt-get autoremove' to remove them.
0 upgraded, 0 newly installed, 0 to remove and 206 not upgraded.
--2016-10-27 00:48:35-- http://node-arm.herokuapp.com/node_latest_armhf.deb
Resolving node-arm.herokuapp.com (node-arm.herokuapp.com)... failed: Name or service not known.
wget: unable to resolve host address ‘node-arm.herokuapp.com’
dpkg: error processing archive node_latest_armhf.deb (--install):
 cannot access archive: No such file or directory
Errors were encountered while processing:
 node_latest_armhf.deb
mv: cannot stat ‘/opt/kibana/node/bin/node’: No such file or directory
mv: cannot stat ‘/opt/kibana/node/bin/npm’: No such file or directory
ln: failed to create symbolic link ‘/opt/kibana/node/bin/node’: No such file or directory
ln: failed to create symbolic link ‘/opt/kibana/node/bin/npm’: No such file or directory
rm: cannot remove ‘node_latest_armhf.deb’: No such file or directory
mkdir: cannot create directory ‘/opt/SweetSecurity’: File exists
Traceback (most recent call last):
  File "/opt/SweetSecurity/pullTorIP.py", line 20, in
    main()
  File "/opt/SweetSecurity/pullTorIP.py", line 16, in main
    GetExit(url)
  File "/opt/SweetSecurity/pullTorIP.py", line 6, in GetExit
    response = urllib2.urlopen(url)
  File "/usr/lib/python2.7/urllib2.py", line 154, in urlopen
    return opener.open(url, data, timeout)
  File "/usr/lib/python2.7/urllib2.py", line 431, in open
    response = self._open(req, data)
  File "/usr/lib/python2.7/urllib2.py", line 449, in _open
    '_open', req)
  File "/usr/lib/python2.7/urllib2.py", line 409, in _call_chain
    result = func(*args)
  File "/usr/lib/python2.7/urllib2.py", line 1240, in https_open
    context=self._context)
  File "/usr/lib/python2.7/urllib2.py", line 1197, in do_open
    raise URLError(err)
urllib2.URLError: <urlopen error [Errno -2] Name or service not known>
Traceback (most recent call last):
  File "/opt/SweetSecurity/pullMaliciousIP.py", line 15, in
    writeYAML()
  File "/opt/SweetSecurity/pullMaliciousIP.py", line 6, in writeYAML
    yamlFile = open('/etc/logstash/translate/maliciousIP.yaml','w')
IOError: [Errno 2] No such file or directory: '/etc/logstash/translate/maliciousIP.yaml'
sed: can't read /opt/logstash/logstash.conf: No such file or directory
sed: can't read /opt/logstash/logstash.conf: No such file or directory
sed: can't read /opt/logstash/logstash.conf: No such file or directory
sed: can't read /opt/logstash/logstash.conf: No such file or directory
Restarting ELK services
Failed to restart elasticsearch.service: Unit elasticsearch.service failed to load: No such file or directory.
Job for kibana.service failed. See 'systemctl status kibana.service' and 'journalctl -xn' for details.
Failed to restart logstash.service: Unit logstash.service failed to load: No such file or directory.
Deploying and starting BroIDS
sudo: /opt/nsm/bro/bin/broctl: command not found
sudo: /opt/nsm/bro/bin/broctl: command not found
pi@raspberrypi:~/SweetSecurity $
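
Added example, not part of the thread or of the SweetSecurity project: a shell triage that reads installer output like the log above and separates name-resolution failures from the follow-on errors reported in the same install stage. The function names are hypothetical, and the sample is constructed from messages in the quoted output, one per line, with the typographic quotes normalized to ASCII.

```shell
#!/usr/bin/env bash
# Added example: triage of an installer log. Function names are hypothetical.

# Constructed sample: messages taken from the output quoted in this thread.
sample_log() {
  cat <<'EOF'
Installing Bro
wget: unable to resolve host address 'www.bro.org'
tar (child): bro-2.4.1.tar.gz: Cannot open: No such file or directory
./SweetSecurity.sh: line 32: cd: bro-2.4.1: No such file or directory
sudo: ./configure: command not found
Installing Critical Stack Agent
wget: unable to resolve host address 'intel.criticalstack.com'
dpkg: error processing archive critical-stack-intel-arm.deb (--install):
Installing Elastic Search
wget: unable to resolve host address 'download.elastic.co'
Installing Logstash
wget: unable to resolve host address 'download.elastic.co'
fatal: unable to access 'https://github.com/jnr/jffi.git/': Could not resolve host: github.com
./SweetSecurity.sh: line 65: cd: jffi: No such file or directory
EOF
}

# Print every host that failed name resolution (wget or git), once, sorted.
unresolved_hosts() {
  sed -n \
    -e 's/.*unable to resolve host address[^A-Za-z0-9]*\([A-Za-z0-9.-]*\).*/\1/p' \
    -e 's/.*Could not resolve host: *\([A-Za-z0-9.-]*\).*/\1/p' | sort -u
}

# Per "Installing <stage>" block: count resolution failures and the errors
# that follow them (missing files, missing commands, unreadable archives).
stage_summary() {
  awk '
    /^Installing / { stage = substr($0, 12); order[++n] = stage; next }
    stage == ""    { next }
    /unable to resolve host|Could not resolve host/ { dns[stage]++; next }
    /No such file or directory|command not found|error processing archive|Cannot open/ { follow[stage]++ }
    END {
      for (i = 1; i <= n; i++)
        printf "%s: dns_failures=%d follow_on_errors=%d\n", order[i], dns[order[i]], follow[order[i]]
    }'
}

sample_log | unresolved_hosts
sample_log | stage_summary
```

To run it against a saved log instead of the sample, pipe the file into either function, for example `unresolved_hosts < install.log`.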

TravisFSmith commented 7 years ago

All of these issues should be resolved in v2.0 which has a new python based installer.