Installing and Configuring OSSIM 5.0

Coming from a Linux background, and being in InfoSec, I always try to stay on top of the Open Source Community’s offerings to our space. I have installed/managed AlienVault in the past, but I haven’t used it in a few years and wanted to see just what I could come up with on my home network. If you wanna follow along, by all means:

  1. Download the latest version of OSSIM here: http://downloads.alienvault.com/c/download?version=current_ossim_iso
    1. For the paranoid, get the MD5 sum here and make sure it matches!: https://www.alienvault.com/open-threat-exchange/projects
    2. In my scenario, the MD5 checksum is 80d915f3dfb5aedab31b5981efff582f. If you are using Linux, it’s easy to determine the MD5 checksum of the file: just open a terminal and use the md5sum command. If you are on Windows and have PowerShell 4, execute Get-FileHash <file> -Algorithm MD5. On versions older than 4, you’ll have to run an obnoxious script.
  2. Fire up your VM software of choice (VMware Workstation, VirtualBox, Hyper-V) and build yourself a VM with the aforementioned .iso. Truth be told, an appliance like this is best installed on physical hardware, but if you just wanna check it out, using a VM is fine.
  3. Install OSSIM
  4. Give yourself an IP (preferably outside of the DHCP range of your router).
  5. Create a nice password.
  6. Let ‘er eat.
  7. And we’re done! Navigate to the web console, just like it tells ya’ to!
  8. Fill out some basic info to get started.
  9. That’s it for now. You’ll get prompted for a wizard which you should follow if you’re new to all this. I’ll keep you updated as I work through it and apply more of the features to my home network.
  10. This is super cool. Automatically deploy HIDS to your hosts!
  11. And automatically load log management plugins based on OS and vendor of network components.

How to Update Tripod

My wife is a brilliant photographer and uses the Tripod WordPress theme to run her site. The issue is that their documentation is kind of lacking, so I figured I would document the process in hopes of helping others.

It’s actually pretty simple, it’s just not mentioned in their documentation as “Update”.

  1. Make a backup! SFTP to your server and copy down your entire directory to your local machine. You will also want to log in to phpMyAdmin and make a backup of your database.
  2. Update your WordPress to the latest version.
  3. Optional: Install Maintenance Mode plugin and set your site in maintenance mode.
  4. Download the latest version of the theme from envatomarket/themeforest.com. If you download the full version + documentation, it will come as a .zip. Unzip it.
  5. SFTP to your site and delete the tripod theme (../../../wp-content/themes/tripod).
  6. Go to Appearance > Themes > Add New > Upload Theme > Choose File, choose the file named tripod_installable_theme_v_x.x.zip, and click Install Now.
  7. Activate theme and make sure everything looks good.
  8. Optional: Disable Maintenance Mode.

Hopefully this helps you out. If you need assistance, just comment and I’ll do my best to answer your questions.