
The dockerfile links were broken + hard 2 read #21

wants to merge 5 commits into
base: master
99 changes: 65 additions & 34 deletions Dockerfile
@@ -1,80 +1,111 @@
FROM ubuntu:precise
MAINTAINER Michael Baker <cloudjunky@gmail.com>

RUN apt install curl -y --force-yes &&\
apt install wget -y --force-yes && \
apt install build-essential -y --force-yes && \
apt install hadoop-0.20 -y --force-yes && \
apt install hadoop-pig git-core -y --force-yes && \
apt install libnids-dev libnids1.21 libmagic-dev -y --force-yes && \
apt install ipython python2.7-dev -y --force-yes && \
apt install libnet1-dev -y --force-yes && \
apt install python-pip flex bison -y --force-yes && \
apt install libpcap0.8 libpcap0.8-dev -y --force-yes && \
apt install default-jre -y --force-yes && \
apt install openjdk-8-jdk -y --force-yes && \
apt install libpcre3 -y --force-yes && \
apt install libpcre3-dev pkg-config gettext -y --force-yes && \
apt install pcap -y --force-yes && \
pip install virtualenv -y --force-yes && \
apt install git -y --force-yes

RUN mkdir /src/ && \
cd /src && \
git clone http://github.com/packetloop/packetpig.git

#repos
RUN echo "deb http://archive.cloudera.com/debian maverick-cdh3 contrib" > /etc/apt/sources.list.d/cloudera.list
RUN echo "deb-src http://archive.cloudera.com/debian maverick-cdh3 contrib" >> /etc/apt/sources.list.d/cloudera.list
RUN echo "deb http://us.archive.ubuntu.com/ubuntu/ precise universe" >> /etc/apt/sources.list
RUN echo "deb http://us.archive.ubuntu.com/ubuntu/ precise-updates universe" >> /etc/apt/sources.list

RUN apt-get install curl wget -y --force-yes
RUN curl -s http://archive.cloudera.com/debian/archive.key | apt-key add -
RUN apt-get update -y --force-yes

RUN apt-get install build-essential hadoop-0.20 hadoop-pig git-core libnids-dev libnids1.21 libmagic-dev ipython python2.7-dev libnet1-dev python-pip flex bison libpcap0.8 libpcap0.8-dev openjdk-6-jdk libpcre3 libpcre3-dev pkg-config gettext -y --force-yes
RUN curl -s http://archive.cloudera.com/debian/archive.key | apt-key add -

RUN apt-get update

RUN apt install build-essential hadoop-0.20 bunzip make autoconf hadoop-pig git-core libnids-dev libnids1.21 libmagic-dev ipython python2.7-dev libnet1-dev python-pip flex bison libpcap0.8 libpcap0.8-dev openjdk-6-jdk libpcre3 libpcre3-dev pkg-config gettext -y

RUN pip install python-magic argparse

RUN pip install python-magic argparse
#DL libdnet
RUN cd /src;\
wget http://prdownloads.sourceforge.net/libdnet/libdnet-1.11.tar.gz

#Install libdnet
RUN mkdir /src;\
cd /src;\
wget http://libdnet.googlecode.com/files/libdnet-1.12.tgz;\
tar -zxvf libdnet-1.12.tgz;\
cd libdnet-1.12/;\
./configure;\
#untar libdnet
RUN tar -zxvf libdnet-1.11.tgz;

# enter libnet dir
RUN cd libdnet-1.11/;

# compile/install
RUN ./configure;\
make;\
make install;

#Fix libdnet
RUN cp /usr/local/lib/libdnet.1.0.1 /usr/local/lib/libdnet.so.1.0.1 &&\
RUN cp /usr/local/lib/libdnet.1.11.1 /usr/local/lib/libdnet.so.1.0.1 &&\
ldconfig

#Install DAQ
RUN cd /src &&\
wget http://www.snort.org/downloads/1850 &&\
tar -zxvf 1850 &&\
cd daq-1.1.1/ &&\
wget https://www.snort.org/downloads/snort/daq-2.0.6.tar.gz &&\
tar -zxvf daq-2.0.6.tar.gz &&\
cd daq-2.0.6/ &&\
./configure && make && make install

#Install Snort

# DL Snort
RUN cd /src &&\
wget http://www.snort.org/downloads/1862 &&\
tar -zxvf 1862 &&\
cd snort-2.9.3.1/ &&\
wget https://www.snort.org/downloads/snort/snort-2.9.11.1.tar.gz &&\
tar -zxvf snort-2.9.11.1.tar.gz

# INSTALL SNORT
RUN cd snort-2.9.11.1/ &&\
./configure --prefix /usr/local/snort --enable-ipv6 --enable-gre --enable-mpls --enable-targetbased --enable-ppm --enable-perfprofiling --enable-zlib --enable-reload && make && make install &&\
groupadd snort && useradd -g snort snort && ln -s /usr/local/snort/bin/snort /usr/sbin/ && ln -s /usr/local/snort/etc /etc/snort &&\
mkdir -p /usr/local/snort/var/log && chown snort:snort /usr/local/snort/var/log && ln -s /usr/local/snort/var/log /var/log/snort &&\
ln -s /usr/local/snort/lib/snort_dynamicpreprocessor /usr/local/lib/snort_dynamicpreprocessor &&\
ln -s /usr/local/snort/lib/snort_dynamicengine /usr/local/lib/snort_dynamicengine &&\
mkdir /usr/local/snort/lib/snort_dynamicrules && ln -s /usr/local/snort/lib/snort_dynamicrules /usr/local/lib/snort_dynamicrules &&\
ln -s /usr/local/snort/lib/snort_dynamicengine /usr/local/lib/snort_dynamicengine

#snort rules
RUN mkdir /usr/local/snort/lib/snort_dynamicrules && ln -s /usr/local/snort/lib/snort_dynamicrules /usr/local/lib/snort_dynamicrules &&\
chown -R snort:snort /usr/local/snort && ldconfig

#Install glib
RUN cd /src &&\
wget ftp://ftp.gtk.org/pub/gtk/v2.2/glib-2.2.3.tar.bz2 && bunzip2 glib-2.2.3.tar.bz2 && tar -xvf glib-2.2.3.tar &&\
wget https://ftp.gnome.org/pub/gnome/sources/glib/2.2/glib-2.2.3.tar.gz && tar -zxvf glib-2.2.3.tar.gz &&\
cd glib-2.2.3 && ./configure && make && make install

#Install p0f
RUN cd /src &&\
wget http://lcamtuf.coredump.cx/p0f3/releases/p0f-3.06b.tgz &&\
tar -zxvf p0f-3.06b.tgz && cd p0f-3.06b/ && sed -i "s/p0f.fp/\/etc\/p0f\/p0f.fp/g" config.h && make && cp p0f /usr/local/bin && mkdir /etc/p0f &&\
wget http://lcamtuf.coredump.cx/p0f3/releases/p0f-3.09b.tgz &&\
tar -zxvf p0f-3.09b.tgz && cd p0f-3.09b/ && sed -i "s/p0f.fp/\/etc\/p0f\/p0f.fp/g" config.h && make && cp p0f /usr/local/bin && mkdir /etc/p0f &&\
cp p0f.fp /etc/p0f/

#Install Pynids for 64 bit
RUN cd /src &&\
wget http://jon.oberheide.org/pynids/downloads/pynids-0.6.1.tar.gz &&\
wget https://jon.oberheide.org/files/pynids-0.6.1.tar.gz &&\
tar -zxvf pynids-0.6.1.tar.gz && cd pynids-0.6.1 && tar -zxvf libnids-1.24.tar.gz && cd libnids-1.24/ &&\
./configure CFLAGS=-fPIC --disable-libglib --disable-libnet --disable-shared && make && make install &&\
cd .. && python setup.py build && python setup.py install

#Set Java Environment
#ENV JAVA_HOME /usr/lib/jvm/java-6-openjdk/
ENV JAVA_HOME /usr/lib/jvm/java-6-openjdk-amd64/
ENV PPD /src/packetpig/
RUN PATH=/usr/lib/jvm/java-8-openjdk-amd64/:$PATH &&\
PPD=/src/packetpig/:$PATH

#Clone and run Packetpig
# Packetpig
RUN cd /src/ &&\
git clone https://github.com/packetloop/packetpig.git && cd packetpig &&\
cd packetpig &&\
lib/scripts/tcp.py -r data/web.pcap -om http_headers -of tsv | less &&\
lib/scripts/dns_parser.py -r data/web.pcap && mkdir out &&\
pig -x local -f pig/examples/binning.pig -param pcap=data/web.pcap -param output=output && more output/binning/part-r-00000

RUN echo "installation complete"
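Review bot: The install block that now opens the file (`RUN apt install curl -y --force-yes &&\` … `apt install git -y --force-yes`) runs before the Cloudera and universe sources are written and before the `RUN apt-get update` further down, so on the official `ubuntu:precise` base, which typically ships without package lists, none of those packages can resolve; the chain also contains `pip install virtualenv -y --force-yes`, which pip does not accept, so the `&&` chain fails the build at that step. Move the block below the update and fold it into one instruction, `RUN apt-get update && apt-get install -y --no-install-recommends <packages>`, and make the pip step `pip install virtualenv`. `--force-yes` also tells apt to proceed past its authentication warnings, and at that point the Cloudera archive key has not been imported yet, so `hadoop-0.20`/`hadoop-pig` would be accepted unsigned; `-y` alone is sufficient once the key is in place. The `RUN PATH=/usr/lib/jvm/java-8-openjdk-amd64/:$PATH &&\` / `PPD=/src/packetpig/:$PATH` pair only sets shell variables inside that one layer and `PPD` looks like it was meant to extend `PATH`; if they must persist use `ENV`, and reconcile them with `ENV JAVA_HOME /usr/lib/jvm/java-6-openjdk-amd64/`, which points at JDK 6 while the new block installs `openjdk-8-jdk`. The same install block and variable assignments are repeated in debian/install.sh.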
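--- a/debian/install.sh
+++ b/debian/install.sh
@@ -0,0 +1,112 @@
+#/bin/sh
+
+apt install curl -y --force-yes &&\
+apt install wget -y --force-yes && \
+apt install build-essential -y --force-yes && \
+apt install hadoop-0.20 -y --force-yes && \
+apt install hadoop-pig git-core -y --force-yes && \
+apt install libnids-dev libnids1.21 libmagic-dev -y --force-yes && \
+apt install ipython python2.7-dev -y --force-yes && \
+apt install libnet1-dev -y --force-yes && \
+apt install python-pip flex bison -y --force-yes && \
+apt install libpcap0.8 libpcap0.8-dev -y --force-yes && \
+apt install default-jre -y --force-yes && \
+apt install openjdk-8-jdk -y --force-yes && \
+apt install libpcre3 -y --force-yes && \
+apt install libpcre3-dev pkg-config gettext -y --force-yes && \
+apt install pcap -y --force-yes && \
+pip install virtualenv -y --force-yes && \
+apt install git -y --force-yes
+
+mkdir /src/ && \
+cd /src && \
+git clone http://github.com/packetloop/packetpig.git
+
+#repos
+echo "deb http://archive.cloudera.com/debian maverick-cdh3 contrib" > /etc/apt/sources.list.d/cloudera.list
+echo "deb-src http://archive.cloudera.com/debian maverick-cdh3 contrib" >> /etc/apt/sources.list.d/cloudera.list
+echo "deb http://us.archive.ubuntu.com/ubuntu/ precise universe" >> /etc/apt/sources.list
+echo "deb http://us.archive.ubuntu.com/ubuntu/ precise-updates universe" >> /etc/apt/sources.list
+
+
+curl -s http://archive.cloudera.com/debian/archive.key | apt-key add -
+
+apt-get update
+
+apt install build-essential hadoop-0.20 bunzip make autoconf hadoop-pig git-core libnids-dev libnids1.21 libmagic-dev ipython python2.7-dev libnet1-dev python-pip flex bison libpcap0.8 libpcap0.8-dev openjdk-6-jdk libpcre3 libpcre3-dev pkg-config gettext -y
+
+pip install python-magic argparse
+
+#DL libdnet
+cd /src;\
+wget http://prdownloads.sourceforge.net/libdnet/libdnet-1.11.tar.gz
+
+#untar libdnet
+tar -zxvf libdnet-1.11.tgz;
+
+# enter libnet dir
+cd libdnet-1.11/;
+
+# compile/install
+./configure;\
+make;\
+make install;
+
+#Fix libdnet
+cp /usr/local/lib/libdnet.1.11.1 /usr/local/lib/libdnet.so.1.0.1 &&\
+ldconfig
+
+#Install DAQ
+cd /src &&\
+wget https://www.snort.org/downloads/snort/daq-2.0.6.tar.gz &&\
+tar -zxvf daq-2.0.6.tar.gz &&\
+cd daq-2.0.6/ &&\
+./configure && make && make install
+
+# DL Snort
+cd /src &&\
+wget https://www.snort.org/downloads/snort/snort-2.9.11.1.tar.gz &&\
+tar -zxvf snort-2.9.11.1.tar.gz
+
+# INSTALL SNORT
+cd snort-2.9.11.1/ &&\
+./configure --prefix /usr/local/snort --enable-ipv6 --enable-gre --enable-mpls --enable-targetbased --enable-ppm --enable-perfprofiling --enable-zlib --enable-reload && make && make install &&\
+groupadd snort && useradd -g snort snort && ln -s /usr/local/snort/bin/snort /usr/sbin/ && ln -s /usr/local/snort/etc /etc/snort &&\
+mkdir -p /usr/local/snort/var/log && chown snort:snort /usr/local/snort/var/log && ln -s /usr/local/snort/var/log /var/log/snort &&\
+ln -s /usr/local/snort/lib/snort_dynamicpreprocessor /usr/local/lib/snort_dynamicpreprocessor &&\
+ln -s /usr/local/snort/lib/snort_dynamicengine /usr/local/lib/snort_dynamicengine
+
+#snort rules
+mkdir /usr/local/snort/lib/snort_dynamicrules && ln -s /usr/local/snort/lib/snort_dynamicrules /usr/local/lib/snort_dynamicrules &&\
+chown -R snort:snort /usr/local/snort && ldconfig
+
+#Install glib
+cd /src &&\
+wget https://ftp.gnome.org/pub/gnome/sources/glib/2.2/glib-2.2.3.tar.gz && tar -zxvf glib-2.2.3.tar.gz &&\
+cd glib-2.2.3 && ./configure && make && make install
+
+#Install p0f
+cd /src &&\
+wget http://lcamtuf.coredump.cx/p0f3/releases/p0f-3.09b.tgz &&\
+tar -zxvf p0f-3.09b.tgz && cd p0f-3.09b/ && sed -i "s/p0f.fp/\/etc\/p0f\/p0f.fp/g" config.h && make && cp p0f /usr/local/bin && mkdir /etc/p0f &&\
+cp p0f.fp /etc/p0f/
+
+#Install Pynids for 64 bit
+cd /src &&\
+wget https://jon.oberheide.org/files/pynids-0.6.1.tar.gz &&\
+tar -zxvf pynids-0.6.1.tar.gz && cd pynids-0.6.1 && tar -zxvf libnids-1.24.tar.gz && cd libnids-1.24/ &&\
+./configure CFLAGS=-fPIC --disable-libglib --disable-libnet --disable-shared && make && make install &&\
+cd .. && python setup.py build && python setup.py install
+
+#Set Java Environment
+PATH=/usr/lib/jvm/java-8-openjdk-amd64/:$PATH &&\
+PPD=/src/packetpig/:$PATH
+
+# Packetpig
+cd /src/ &&\
+cd packetpig &&\
+lib/scripts/tcp.py -r data/web.pcap -om http_headers -of tsv | less &&\
+lib/scripts/dns_parser.py -r data/web.pcap && mkdir out &&\
+pig -x local -f pig/examples/binning.pig -param pcap=data/web.pcap -param output=output && more output/binning/part-r-00000
+
+echo "installation complete"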
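Review bot: The first line `#/bin/sh` lacks the `!`, so the file has no shebang and that line is just a comment; it should read `#!/bin/sh` followed by `set -e`, because nothing in the script stops on a failed step. The libdnet section downloads `libdnet-1.11.tar.gz` but then runs `tar -zxvf libdnet-1.11.tgz;` and `cd libdnet-1.11/;`, and because those steps are separated by `;` rather than `&&` the filename mismatch is silently ignored and `./configure; make; make install` executes in `/src` instead of the source tree; fix the filename to `tar -zxvf libdnet-1.11.tar.gz` and chain the steps with `&&`. Every tarball (libdnet, daq, snort, glib, p0f, pynids) is fetched — two of them over plain `http://` — and then built and installed as root with no integrity check, so a substituted archive would be compiled in unnoticed; record the publisher's digest beside each download and gate extraction on it, e.g. `echo '<SHA256_PLACEHOLDER>  daq-2.0.6.tar.gz' | sha256sum -c -`. The `lib/scripts/tcp.py … | less` and `more output/binning/part-r-00000` calls at the end invoke pagers, which is awkward in an unattended installer; drop the pagers or move the example runs out of this script.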