Installing NSIA » History » Version 8
Version 7 (Luke Murphey, 04/03/2010 01:59 PM) → Version 8/21 (Luke Murphey, 04/03/2010 02:03 PM)
h1. Installing NSIA
h2. Prerequisites
NSIA requires "Java runtime environment (JRE)":http://java.sun.com/javase/downloads/index.jsp 1.6 or later.
Note that some Linux operating systems (such as Ubuntu) include GCJ instead of Sun Java. GCJ is not currently supported and should not be used for running the V. On Ubuntu, run the following command to install Java:
<pre>
sudo apt-get install sun-java6-jre
</pre>
Otherwise, go to Sun Microsystems’ website to "download the Java 6 JRE":http://java.sun.com/javase/downloads/index.jsp.
h2. Installation Methods
NSIA has two installation methods: Windows installer and the archive method (no installer).
h3. Windows Installer
The installer only works on Windows. In addition to installing the application, the installer will install NSIA as a service. By default, it uses the internal database. An external database can be configured by updating the config.ini file (see below).
h3. Archive Method (No Installer)
The zip archive should be used on non-Windows platforms (but can also be used on Windows). After unzipping the archive, run install.sh (on Unix/Linux) or install.bat (on Windows) to create the default user and initialize the database.
h3. Configuring Java Runtime
You may need to change the amount of memory that the Java runtime uses. The JVM settings can be configured in etc/config.ini. The config.ini file will be loaded by the ThreatFactor binaries (such as ThreatFactor NSIA.exe) and user to configure the Java runtime. Note that the settings in this file won't affect NSIA if you run it directly by calling Java.
Below is an example of the a configuration file:
<pre>
# This sets the arguments sent to the Java virtual machine
JVM.Arguments=-Xmx512m
</pre>
h3. Running as a Service / Daemon
It you want NSIA st start every time the host starts, then it will need to be installed as a daemon (Unix) or service (Windows).
h2. Installing as a Daemon (Linux/Unix)
On Linux, you can use one of the init scripts to have NSIA start when thehost boots. The init scripts are provided with zipped archive version of NSIA. Copy the init script into the /etc/init.d/ directory. You’ll need to create symlinks in the appropriate run levels for NSIA to start automatically on startup. On Ubuntu, you can use update-rc.d to create the symlinks for you:
<pre>
sudo update-rc.d -f nsia defaults
sudo chmod 755 /etc/init.d/nsia
</pre>
The init script assumes that NSIA is installed in /opt/nsia; edit the init script if it is installed in another location. Additionally, you will need to edit the init script if you want to change the command-line arguments that are sent to NSIA (for example, if you wish to specify the amount of memory that the Java runtime allocates, set the location of the config file, etc.).
Note that NSIA should start after networking since it will try to initiate scanning after starting.
h2. Installing as a Service (Windows)
On Windows, NSIA needs to be installed as a service to automatically run every time the system starts. To do this, install the included Win32 service using sc.exe:
<pre>
sc create "nsia" DisplayName= "Threatfactor NSIA" binPath= "C:\Program Files\ThreatFactor.com\NSIA\bin\ThreatFactor NSIA Service.exe"
</pre>
The above command assumes that NSIA is installed in "C:\Program Files\ThreatFactor.com\NSIA\bin\ThreatFactor NSIA Service.exe"; change the arguments as necessary. Additionally, make sure that the ''ThreatFactor NSIA Service.exe'' file is in the same path as the ''nsia.jar'' file (it won't be able to find it otherwise).
h2. Using an External Database
By default, NSIA uses an internal database. However, it is possible to use a database that is accessed over a JDBC connection. See [[External_Database]] for more information.
h2. Configuring SSL
By default, the web-interface does not use SSL. Follow the directions below to create an SSL certificate and configure NSIA to use it:
h3. Creating the Keystore
Create a new certificate using the keytool application. Below is an example:
<pre>
keytool -genkey -alias nsia -keypass Pa55w0rd
</pre>
Put the keystore file in the NSIA installation directory with the file name of "etc/keystore".
h3. Configuring NSIA to Use SSL
Open NSIA and navigate to the configuration page (http://127.0.0.1:8080/System/Configuration). Go down to "Server Subsystem" and check the box next to "Enable SSL". Restart NSIA and verify that the certificate was loaded. Note that the defautl port when using SSL is port 8443 (e.g. https://127.0.0.1:8443).
h2. Prerequisites
NSIA requires "Java runtime environment (JRE)":http://java.sun.com/javase/downloads/index.jsp 1.6 or later.
Note that some Linux operating systems (such as Ubuntu) include GCJ instead of Sun Java. GCJ is not currently supported and should not be used for running the V. On Ubuntu, run the following command to install Java:
<pre>
sudo apt-get install sun-java6-jre
</pre>
Otherwise, go to Sun Microsystems’ website to "download the Java 6 JRE":http://java.sun.com/javase/downloads/index.jsp.
h2. Installation Methods
NSIA has two installation methods: Windows installer and the archive method (no installer).
h3. Windows Installer
The installer only works on Windows. In addition to installing the application, the installer will install NSIA as a service. By default, it uses the internal database. An external database can be configured by updating the config.ini file (see below).
h3. Archive Method (No Installer)
The zip archive should be used on non-Windows platforms (but can also be used on Windows). After unzipping the archive, run install.sh (on Unix/Linux) or install.bat (on Windows) to create the default user and initialize the database.
h3. Configuring Java Runtime
You may need to change the amount of memory that the Java runtime uses. The JVM settings can be configured in etc/config.ini. The config.ini file will be loaded by the ThreatFactor binaries (such as ThreatFactor NSIA.exe) and user to configure the Java runtime. Note that the settings in this file won't affect NSIA if you run it directly by calling Java.
Below is an example of the a configuration file:
<pre>
# This sets the arguments sent to the Java virtual machine
JVM.Arguments=-Xmx512m
</pre>
h3. Running as a Service / Daemon
It you want NSIA st start every time the host starts, then it will need to be installed as a daemon (Unix) or service (Windows).
h2. Installing as a Daemon (Linux/Unix)
On Linux, you can use one of the init scripts to have NSIA start when thehost boots. The init scripts are provided with zipped archive version of NSIA. Copy the init script into the /etc/init.d/ directory. You’ll need to create symlinks in the appropriate run levels for NSIA to start automatically on startup. On Ubuntu, you can use update-rc.d to create the symlinks for you:
<pre>
sudo update-rc.d -f nsia defaults
sudo chmod 755 /etc/init.d/nsia
</pre>
The init script assumes that NSIA is installed in /opt/nsia; edit the init script if it is installed in another location. Additionally, you will need to edit the init script if you want to change the command-line arguments that are sent to NSIA (for example, if you wish to specify the amount of memory that the Java runtime allocates, set the location of the config file, etc.).
Note that NSIA should start after networking since it will try to initiate scanning after starting.
h2. Installing as a Service (Windows)
On Windows, NSIA needs to be installed as a service to automatically run every time the system starts. To do this, install the included Win32 service using sc.exe:
<pre>
sc create "nsia" DisplayName= "Threatfactor NSIA" binPath= "C:\Program Files\ThreatFactor.com\NSIA\bin\ThreatFactor NSIA Service.exe"
</pre>
The above command assumes that NSIA is installed in "C:\Program Files\ThreatFactor.com\NSIA\bin\ThreatFactor NSIA Service.exe"; change the arguments as necessary. Additionally, make sure that the ''ThreatFactor NSIA Service.exe'' file is in the same path as the ''nsia.jar'' file (it won't be able to find it otherwise).
h2. Using an External Database
By default, NSIA uses an internal database. However, it is possible to use a database that is accessed over a JDBC connection. See [[External_Database]] for more information.
h2. Configuring SSL
By default, the web-interface does not use SSL. Follow the directions below to create an SSL certificate and configure NSIA to use it:
h3. Creating the Keystore
Create a new certificate using the keytool application. Below is an example:
<pre>
keytool -genkey -alias nsia -keypass Pa55w0rd
</pre>
Put the keystore file in the NSIA installation directory with the file name of "etc/keystore".
h3. Configuring NSIA to Use SSL
Open NSIA and navigate to the configuration page (http://127.0.0.1:8080/System/Configuration). Go down to "Server Subsystem" and check the box next to "Enable SSL". Restart NSIA and verify that the certificate was loaded. Note that the defautl port when using SSL is port 8443 (e.g. https://127.0.0.1:8443).