• Installing NSIA
  • Prerequisites
  • Installation Methods
    • Windows Installer
    • Archive Method (No Installer)
    • Configuring Java Runtime
    • Running as a Service / Daemon
  • Installing as a Daemon (Linux/Unix)
  • Installing as a Service (Windows)
  • Using an External Database
  • Running NSIA
  • Configuring SSL
    • Creating the Keystore
    • Configuring NSIA to Use SSL

Installing NSIA¶

Prerequisites¶

NSIA requires Java runtime environment 1.6 or later.

Note that some Linux operating systems (such as Ubuntu) include GCJ instead of Sun Java. GCJ is not currently supported and should not be used for running the V. On Ubuntu, run the following command to install Java:

sudo apt-get install sun-java6-jre

Otherwise, go to Sun Microsystems’ website to download the Java 6 JRE.

Installation Methods¶

NSIA has two installation methods: Windows installer and the archive method (no installer).

Windows Installer¶

The installer only works on Windows. In addition to installing the application, the installer will install NSIA as a service. By default, it uses the internal database. An external database can be configured by updating the config.ini file (see below).

Archive Method (No Installer)¶

The zip archive should be used on non-Windows platforms (but can also be used on Windows). After unzipping the archive, run install.sh (on Unix/Linux) or install.bat (on Windows) to create the default user and initialize the database.

Configuring Java Runtime¶

You may need to change the amount of memory that the Java runtime uses. The JVM settings can be configured in etc/config.ini. The config.ini file will be loaded by the ThreatFactor binaries (such as ThreatFactor NSIA.exe) and user to configure the Java runtime. Note that the settings in this file won't affect NSIA if you run it directly by calling Java.

Below is an example of the a configuration file:

# This sets the arguments sent to the Java virtual machine
JVM.Arguments=-Xmx512m

Running as a Service / Daemon¶

It you want NSIA st start every time the host starts, then it will need to be installed as a daemon (Unix) or service (Windows).

Installing as a Daemon (Linux/Unix)¶

On Linux, you can use one of the init scripts to have NSIA start when thehost boots. The init scripts are provided with zipped archive version of NSIA. Copy the init script into the /etc/init.d/ directory. You’ll need to create symlinks in the appropriate run levels for NSIA to start automatically on startup. On Ubuntu, you can use update-rc.d to create the symlinks for you:

sudo update-rc.d -f nsia defaults
sudo chmod 755 /etc/init.d/nsia

The init script assumes that NSIA is installed in /opt/nsia; edit the init script if it is installed in another location. Additionally, you will need to edit the init script if you want to change the command-line arguments that are sent to NSIA (for example, if you wish to specify the amount of memory that the Java runtime allocates, set the location of the config file, etc.).

Note that NSIA should start after networking since it will try to initiate scanning after starting.

Installing as a Service (Windows)¶

On Windows, NSIA needs to be installed as a service to automatically run every time the system starts. To do this, install the included Win32 service using sc.exe:

sc create "nsia" DisplayName= "Threatfactor NSIA" binPath= "C:\Program Files\ThreatFactor.com\NSIA\bin\ThreatFactor NSIA Service.exe" 

The above command assumes that NSIA is installed in "C:\Program Files\ThreatFactor.com\NSIA\bin\ThreatFactor NSIA Service.exe"; change the arguments as necessary. Additionally, make sure that the ''ThreatFactor NSIA Service.exe'' file is in the same path as the ''nsia.jar'' file (it won't be able to find it otherwise).

Using an External Database¶

By default, NSIA uses an internal database. However, it is possible to use a database that is accessed over a JDBC connection. See External_Database for more information.

Running NSIA¶

NSIA can be run three different ways: with the interactive CLI, GUI or as a service/daemon:

	On Windows	On Unix/Linux
Run From the Command-Line	Run ThreatFactor NSIA CLI.exe	Run "./ThreatFactor NSIA"
Run the GUI	Run ThreatFactor NSIA.exe	Run "./ThreatFactor NSIA GUI"
Run as a Windows Service	Start it from the command-line with "net start nsia" or with services.msc	NA
Run as a Unix Daemon	NA	sudo /etc/init.d/nsia start

Configuring SSL¶

By default, the web-interface does not use SSL. Follow the directions below to create an SSL certificate and configure NSIA to use it:

Creating the Keystore¶

Create a new certificate using the keytool application. Below is an example:

keytool -genkey -alias nsia -keypass Pa55w0rd

Put the keystore file in the NSIA installation directory with the file name of "etc/keystore".

Configuring NSIA to Use SSL¶

Open NSIA and navigate to the configuration page (http://127.0.0.1:8080/System/Configuration). Go down to "Server Subsystem" and check the box next to "Enable SSL". Restart NSIA and verify that the certificate was loaded. Note that the defautl port when using SSL is port 8443 (e.g. https://127.0.0.1:8443).