
Scripts to set up and install Bro IDS, Elasticsearch, Logstash, Kibana, and Critical Stack on any device.
Installation:
- sudo python setup.py
- Follow prompts to enter appropriate information for chosen installation type
Installation Types
- Full Install:
This will install Bro IDS, Critical Stack (optional), Logstash, Elasticsearch, Kibana, Apache, and Sweet Security Client/Server. Choose this option ONLY if you have 2GB of memory or more.
- Sensor Only:
This will install Bro IDS, Critical Stack (optional), Logstash, and Sweet Security Client.
- Web Server Only:
This will install Elasticsearch, Kibana, Apache, and Sweet Security Server.
New Functionality:
- Modularized Installation – Choose to deploy all the tools on one device, or split among multiple for better performance.
  - Full Install – Deploy Bro IDS, Critical Stack, Elasticsearch, Logstash, Kibana, Apache, and Sweet Security
  - Sensor Install – Deploy Bro IDS, Critical Stack, Logstash, and Sweet Security
  - Web Admin Install – Deploy Elasticsearch, Kibana, and Apache
- ARP Spoofing – Full code to monitor all network traffic out of the box without network changes.
- Complete Bro Log Support – All Bro log files are now normalized by Logstash
- Kibana Content – Searches, Visualizations, and Dashboards are now included
- Architecture Support – Now supports installing on non-ARM architectures
- Custom NMAP Prefix – Updated NMAP prefixes based on the IEEE OUI list
- Web Administration – Apache/Flask-based web administration to manage known devices and system health
Supported Operating Systems
- Raspbian Jessie
- Debian Jessie
- Ubuntu 16.04
Supported Hardware
- RaspberryPi 3
- x86
- x86_64
System Requirements
- ARM, x86, or x86_64 CPU
- 2GB RAM
- 8GB Disk Storage
- 100 MB NIC (Recommended 1GB)
Note: 2GB of storage is required while the Raspberry Pi 3 only has 1GB. The code can be split to run on two devices, such as two Raspberry Pis or a Raspberry Pi and AWS.