ThreatFactor NSIA

{{>toc}}

h1. Installing NSIA

h2. Prerequisites

NSIA requires "Java runtime environment (JRE)":http://java.sun.com/javase/downloads/index.jsp 1.6 or later.

Note that some Linux operating systems (such as Ubuntu) include GCJ instead of Sun Java. GCJ is not currently supported and should not be used for running the V. On Ubuntu, run the following command to install Java:

@sudo apt-get install sun-java6-jre@

Otherwise, go to Sun Microsystems’ website to "download the Java 6 JRE":http://java.sun.com/javase/downloads/index.jsp.

h2. Installation Methods

NSIA has two installation methods: Windows installer and the archive method (no installer).

h3. Windows Installer

The installer only works on Windows. In addition to installing the application, the installer will install NSIA as a service. By default, it uses the internal database. An external database can be configured by updating the config.ini file (see below).

h3. Archive Method (No Installer)

The zip archive should be used on non-Windows platforms (but can also be used on Windows). After unzipping the archive, run install.sh (on Unix/Linux) or install.bat (on Windows) to create the default user and initialize the database.

h3. Configuring Java Runtime

You may need to change the amount of memory that the Java runtime uses. The JVM settings can be configured in etc/config.ini. The config.ini file will be loaded by the ThreatFactor binaries (such as ThreatFactor NSIA.exe) and user to configure the Java runtime. Note that the settings in this file won't affect NSIA if you run it directly by calling Java.

Below is an example of the a configuration file:

<pre>

# This sets the arguments sent to the Java virtual machine

JVM.Arguments=-Xmx512m

</pre>

h3. Running as a Service / Daemon

It you want NSIA st start every time the host starts, then it will need to be installed as a daemon (Unix) or service (Windows).

h2. Installing as a Daemon (Linux/Unix)

On Linux, you can use one of the init scripts to have NSIA start when thehost boots. The init scripts are provided with zipped archive version of NSIA. Copy the init script into the /etc/init.d/ directory. You’ll need to create symlinks in the appropriate run levels for NSIA to start automatically on startup. On Ubuntu, you can use update-rc.d to create the symlinks for you:

<pre>

sudo update-rc.d -f nsia defaults

sudo chmod 755 /etc/init.d/nsia

</pre>

The init script assumes that NSIA is installed in /opt/nsia; edit the init script if it is installed in another location. Additionally, you will need to edit the init script if you want to change the command-line arguments that are sent to NSIA (for example, if you wish to specify the amount of memory that the Java runtime allocates, set the location of the config file, etc.).

Note that NSIA should start after networking since it will try to initiate scanning after starting.

h2.  Installing as a Service (Windows)

On Windows, NSIA needs to be installed as a service to automatically run every time the system starts. To do this, install the included Win32 service using sc.exe:

<pre>

sc create "nsia" DisplayName= "Threatfactor NSIA" binPath= "C:\Program Files\ThreatFactor.com\NSIA\bin\ThreatFactor NSIA Service.exe"

</pre>

The above command assumes that NSIA is installed in "C:\Program Files\ThreatFactor.com\NSIA\bin\ThreatFactor NSIA Service.exe"; change the arguments as necessary. Additionally, make sure that the ''ThreatFactor NSIA Service.exe'' file is in the same path as the ''nsia.jar'' file (it won't be able to find it otherwise).

h2. Using an External Database

By default, NSIA uses an internal database. However, it is possible to use a database that is accessed over a JDBC connection. See [[External_Database]] for more information.

h2. Running NSIA

NSIA can be run three different ways: with the interactive CLI, GUI or as a service/daemon: 

|                          |*On Windows*                   |*On Unix/Linux*                           |

|Run From the Command-Line |Run ThreatFactor NSIA CLI.exe  |Run "./ThreatFactor NSIA"                 |

|Run the GUI               |Run ThreatFactor NSIA.exe      |Run "./ThreatFactor NSIA GUI"             |

|Run as a Windows Service  |Start it from the command-line with "net start nsia" or with services.msc |NA |

|Run as a Unix Daemon      |NA                             |sudo /etc/init.d/nsia start               |

h2. Configuring SSL

By default, the web-interface does not use SSL. Follow the directions below to create an SSL certificate and configure NSIA to use it:

h3. Creating the Keystore

Create a new certificate using the keytool application. Below is an example:

<pre>

keytool -genkey -alias nsia -keypass Pa55w0rd

</pre>

Put the keystore file in the NSIA installation directory with the file name of "etc/keystore".

h3. Configuring NSIA to Use SSL

Open NSIA and navigate to the configuration page (http://127.0.0.1:8080/System/Configuration). Go down to "Server Subsystem" and check the box next to "Enable SSL". Restart NSIA and verify that the certificate was loaded. Note that the defautl port when using SSL is port 8443 (e.g. https://127.0.0.1:8443).