Difference between revisions of "Cyber Security: SELKS Pertama Kali Login"
Jump to navigation
Jump to search
Onnowpurbo (talk | contribs) (Created page with "It is always recommended to follow the latest docs: https://github.com/StamusNetworks/SELKS/wiki Please go to the end of the brief below for production setup considerations...") |
Onnowpurbo (talk | contribs) |
||
(3 intermediate revisions by the same user not shown) | |||
Line 7: | Line 7: | ||
First time setup: | First time setup: | ||
− | Non interactive, airgapped mode | + | ==Non interactive, airgapped mode== |
The below command will setup the selks installation: | The below command will setup the selks installation: | ||
* in non-interactive mode | * in non-interactive mode | ||
Line 17: | Line 17: | ||
Examples: | Examples: | ||
− | cd /opt/selksd/SELKS/docker/ && ./easy-setup.sh --non-interactive --no-pull-containers -i tppdummy0 --iA --restart-mode always --es-memory | + | cd /opt/selksd/SELKS/docker/ && ./easy-setup.sh --non-interactive --no-pull-containers -i tppdummy0 --iA --restart-mode always --es-memory 8G && docker-compose up -d |
+ | atau kalau mau pakai interface operasional enp0s3 | ||
− | Interactive with latest updated containers and software | + | cd /opt/selksd/SELKS/docker/ && ./easy-setup.sh --non-interactive --no-pull-containers -i enp0s3 --iA --restart-mode always --es-memory 8G && docker-compose up -d |
+ | |||
+ | |||
+ | ==Interactive with latest updated containers and software== | ||
* update/pull and install all containers (elasticsearch/suricata/ngingx/logstash/kibana/scirius/evebox/portainer) | * update/pull and install all containers (elasticsearch/suricata/ngingx/logstash/kibana/scirius/evebox/portainer) | ||
Line 37: | Line 41: | ||
− | Setting up dummy interface | + | ==Setting up dummy interface== |
+ | |||
If you would not want to sniff on specific system interface and want to set up a dummy interface for sniffing to replay for example specific | If you would not want to sniff on specific system interface and want to set up a dummy interface for sniffing to replay for example specific | ||
pcap cases: | pcap cases: | ||
Line 44: | Line 49: | ||
ip link add tppdummy0 type dummy && ip link set tppdummy0 up && ifconfig tppdummy0 mtu 1572 | ip link add tppdummy0 type dummy && ip link set tppdummy0 up && ifconfig tppdummy0 mtu 1572 | ||
+ | |||
+ | |||
+ | |||
+ | ==Mengatasi Error di Docker== | ||
+ | |||
+ | Beberapa kali kejadian error saat kita menjalankan docker. Untuk mengatasinya kita dapat shutdown dan up kembali docker dengan perintah, | ||
+ | |||
+ | docker-compose stop | ||
+ | docker-compose down | ||
+ | docker-compose up -d | ||
+ | |||
+ | ==Pranala Menarik== | ||
+ | |||
+ | * [[Cyber Security]] |
Latest revision as of 12:57, 17 July 2023
It is always recommended to follow the latest docs:
https://github.com/StamusNetworks/SELKS/wiki
Please go to the end of the brief below for production setup considerations.
First time setup:
Non interactive, airgapped mode
The below command will setup the selks installation:
- in non-interactive mode
- install all containers (elasticsearch/suricata/ngingx/logstash/kibana/scirius/evebox/portainer) without pulling anything from the internet
- use the interface tppdummy0 as sniffing interface
- use 8GB of RAM for Elasticsearch
- start up the installation (docker compose)
Examples:
cd /opt/selksd/SELKS/docker/ && ./easy-setup.sh --non-interactive --no-pull-containers -i tppdummy0 --iA --restart-mode always --es-memory 8G && docker-compose up -d
atau kalau mau pakai interface operasional enp0s3
cd /opt/selksd/SELKS/docker/ && ./easy-setup.sh --non-interactive --no-pull-containers -i enp0s3 --iA --restart-mode always --es-memory 8G && docker-compose up -d
Interactive with latest updated containers and software
- update/pull and install all containers (elasticsearch/suricata/ngingx/logstash/kibana/scirius/evebox/portainer)
- use the interface tppdummy0 as sniffing interface
- use 8GB of RAM for Elasticsearch, 1GB
- start up the installation (docker compose)
Example:
cd /opt/selksd/SELKS/docker/ docker-compose down git pull ./easy-setup.sh --iA --es-memory 8G docker-compose pull docker-compose up -d --force-recreate
Setting up dummy interface
If you would not want to sniff on specific system interface and want to set up a dummy interface for sniffing to replay for example specific
pcap cases:
Example:
ip link add tppdummy0 type dummy && ip link set tppdummy0 up && ifconfig tppdummy0 mtu 1572
Mengatasi Error di Docker
Beberapa kali kejadian error saat kita menjalankan docker. Untuk mengatasinya kita dapat shutdown dan up kembali docker dengan perintah,
docker-compose stop docker-compose down docker-compose up -d