problem installing MHN

[digokos]

Hi there! I install at VirtualBox an ubuntu server ( 12.04 AND 14.04 ) with LAMP and without LAMP, just openssh. Then I follow the installation of MHN:

$ sudo su

apt-get install git

cd /opt/

git clone https://github.com/threatstream/mhn.git

cd mhn/scripts/

./install_hpfeeds.sh

./install_mnemosyne.sh

./install_honeymap.sh

supervisorctl status

geoloc RUNNING pid 31474, uptime 0:01:07 honeymap RUNNING pid 31475, uptime 0:01:07 hpfeeds-broker RUNNING pid 11806, uptime 0:08:30 mnemosyne RUNNING pid 29672, uptime 0:05:14

Everything working fine till here and i can visit nginx at server.ip and map at server.ip:3000 but at the final step

sudo ./install_mhnserver.sh

I always have the same errors: Initializing database, please be patient. This can take several minutes

• python initdatabase.py /opt/mhn/env/local/lib/python2.7/site-packages/passlib/handlers/bcrypt.py:320: UserWarning: passlib.hash.bcrypt: Your installation of the 'pybcrypt' backend is vulnerable to the bsd wraparound bug, and should be upgraded or replaced with another backend (this warning will be fatal under passlib 1.7) "(this warning will be fatal under passlib 1.7)" % backend) Traceback (most recent call last): File "initdatabase.py", line 5, in create_clean_db() File "/opt/mhn/server/mhn/init.py", line 176, in create_clean_db fetch_sources() File "/opt/mhn/env/local/lib/python2.7/site-packages/celery/local.py", line 167, in call = lambda x, _a, _kw: x._get_current_object()(_a, _kw) File "/opt/mhn/server/mhn/tasks/init.py", line 13, in call return TaskBase.call(self, _args, _kwargs) File "/opt/mhn/env/local/lib/python2.7/site-packages/celery/app/task.py", line 420, in call return self.run(_args, _kwargs) File "/opt/mhn/server/mhn/tasks/rules.py", line 39, in fetch_sources resp = requests.get(src.uri, stream=stream) File "/opt/mhn/env/local/lib/python2.7/site-packages/requests/api.py", line 60, in get return request('get', url, _kwargs) File "/opt/mhn/env/local/lib/python2.7/site-packages/requests/api.py", line 49, in request return session.request(method=method, url=url, _kwargs) File "/opt/mhn/env/local/lib/python2.7/site-packages/requests/sessions.py", line 457, in request resp = self.send(prep, _send_kwargs) File "/opt/mhn/env/local/lib/python2.7/site-packages/requests/sessions.py", line 595, in send history = [resp for resp in gen] if allow_redirects else [] File "/opt/mhn/env/local/lib/python2.7/site-packages/requests/sessions.py", line 189, in resolve_redirects allow_redirects=False, File "/opt/mhn/env/local/lib/python2.7/site-packages/requests/sessions.py", line 569, in send r = adapter.send(request, _kwargs) File "/opt/mhn/env/local/lib/python2.7/site-packages/requests/adapters.py", line 420, in send raise SSLError(e, request=request) requests.exceptions.SSLError: [Errno 1] _ssl.c:510: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

so I tried to pip uninstall py-bcrypt with a message that is not installed on my system and then: pip install -U passlib==1.6.5 pip install -U bcrypt==2.0.0

and nano /opt/mhn/server/requirements.txt to replace py-bcrypt with bcrypt==2.0.0

so now is passing the first error but the rest are remaining.

I then rm /opt/mhn/server/mhn.db but that is not good since every time I run ./install_mhnserver.sh appears again.

Can anyone help please?

[jatrost]

I tried a brand new install this morning and it worked without issue.

Is it possible that you're on a network with a web proxy that is interfering with SSL traffic?

On Sun, Mar 20, 2016 at 4:10 PM, digokos notifications@github.com wrote:

Hi there! I install at VirtualBox an ubuntu server ( 12.04 AND 14.04 ) with LAMP and without LAMP, just openssh. Then I follow the installation of MHN:

$ sudo su apt-get install git cd /opt/ git clone https://github.com/threatstream/mhn.git cd mhn/scripts/ ./install_hpfeeds.sh ./install_mnemosyne.sh ./install_honeymap.sh supervisorctl status

geoloc RUNNING pid 31474, uptime 0:01:07 honeymap RUNNING pid 31475, uptime 0:01:07 hpfeeds-broker RUNNING pid 11806, uptime 0:08:30 mnemosyne RUNNING pid 29672, uptime 0:05:14

Everything working fine till here and i can visit nginx at and map at :3000 but at the final step sudo ./install_mhnserver.sh

I always have the same errors: Initializing database, please be patient. This can take several minutes

• python initdatabase.py /opt/mhn/env/local/lib/python2.7/site-packages/passlib/handlers/bcrypt.py:320: UserWarning: passlib.hash.bcrypt: Your installation of the 'pybcrypt' backend is vulnerable to the bsd wraparound bug, and should be upgraded or replaced with another backend (this warning will be fatal under passlib 1.7) "(this warning will be fatal under passlib 1.7)" % backend) Traceback (most recent call last): File "initdatabase.py", line 5, in create_clean_db() File "/opt/mhn/server/mhn/init.py", line 176, in create_clean_db fetch_sources() File "/opt/mhn/env/local/lib/python2.7/site-packages/celery/local.py", line 167, in call = lambda x, _a, _kw: x._get_current_object()(a, kw) File "/opt/mhn/server/mhn/tasks/init.py", line 13, in call return TaskBase.call(self, _args, _kwargs) File "/opt/mhn/env/local/lib/python2.7/site-packages/celery/app/task.py", line 420, in call return self.run(_args, _kwargs) File "/opt/mhn/server/mhn/tasks/rules.py", line 39, in fetch_sources resp = requests.get(src.uri, stream=stream) File "/opt/mhn/env/local/lib/python2.7/site-packages/requests/api.py", line 60, in get return request('get', url, _kwargs) File "/opt/mhn/env/local/lib/python2.7/site-packages/requests/api.py", line 49, in request return session.request(method=method, url=url, _kwargs) File "/opt/mhn/env/local/lib/python2.7/site-packages/requests/sessions.py", line 457, in request resp = self.send(prep, _send_kwargs) File "/opt/mhn/env/local/lib/python2.7/site-packages/requests/sessions.py", line 595, in send history = [resp for resp in gen] if allow_redirects else [] File "/opt/mhn/env/local/lib/python2.7/site-packages/requests/sessions.py", line 189, in resolve_redirects allow_redirects=False, File "/opt/mhn/env/local/lib/python2.7/site-packages/requests/sessions.py", line 569, in send r = adapter.send(request, _kwargs) File "/opt/mhn/env/local/lib/python2.7/site-packages/requests/adapters.py", line 420, in send raise SSLError(e, request=request) requests.exceptions.SSLError: [Errno 1] _ssl.c:510: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

so I tried to pip uninstall py-bcrypt with a message that is not installed on my system and then: pip install -U passlib==1.6.5 pip install -U bcrypt==2.0.0

and nano /opt/mhn/server/requirements.txt to replace py-bcrypt with bcrypt==2.0.0

so now is passing the first error but the rest are remaining.

I then rm /opt/mhn/server/mhn.db but that is not good since every time I run ./install_mhnserver.sh appears again.

Can anyone help please?

— You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub https://github.com/threatstream/mhn/issues/248

Jason Trost | VP of Threat Research | www.anomali.com 2317 Broadway, 3rd Floor| Redwood City, CA 94063 Phone: 386.235.0078 | Twitter: @jason_trost

[digokos]

hmmmm! Thanks for fast replay. I am behind a brand new pfSense that I build a few days ago with pfBlockerNG, snort, squid proxy and openvpn. Is there any problem with this?

[jatrost]

Depending on how you have it setup there may be an issue. Are you intercepting HTTPS in squid? If so, you will need to import the cert from Squid into the list of trusted certs on the MHN server.

On Mon, Mar 21, 2016 at 2:03 AM, Dimitris notifications@github.com wrote:

hmmmm! Thanks for fast replay. I am behind a brand new pfSense that I build a few days ago with pfBlockerNG, snort, squid proxy and openvpn. Is there any problem with this?

— You are receiving this because you commented. Reply to this email directly or view it on GitHub https://github.com/threatstream/mhn/issues/248#issuecomment-199140223

Jason Trost | VP of Threat Research | www.anomali.com 2317 Broadway, 3rd Floor| Redwood City, CA 94063 Phone: 386.235.0078 | Twitter: @jason_trost

[digokos]

I see! And how I will do that on MHN Server?

[digokos]

ok the problem was installing mhn with pfsense as router, i don't know way. So I change router just for installing mhn and back. and everything working just fine at the moment :) Now I'm going for a new issue. Thanks.