//
// $Id: readme.txt,v 1.2 2004/11/14 14:21:59 carneeki Exp $
//
This is a configuration quide for Inprotect - web interface for Nessus security scanner and Nmap port scanner.

This software has been tested with the following configurations
RedHat linux v. 7.2 - 9.0 (It should also work with other Linux distributions with minor or no changes)
PostNuke v. 0.71x - 0.72x (Postnuke files have been temporary removed, starting from version 0.07, they are still available in older releases)
Nessus v.1.25-2.0.7
Nmap v.2.5x - 3.45
Nikto v.1.21-1.23

PLEASE NOTE THAT THIS IS A DEVELOPMENT RELEASE AND SOFTWARE MAY HAVE LOTS OF BUGS.
THIS SOFTWARE IS CURENTLY BEING DEVELOPED FOR NESSUS 2.x, USERS OF PREVIOUS
VERSIONS OF NESSUS MAY EXPERIENCE PROBLEMS.

**************************************************************************
* For fast setup on RedHat based system you can use rh_install.sh script.*
**************************************************************************

1. Install MySQL.
See http://www.mysql.com/doc/en/index.html for installation help.


2. Make sure you have perl and following perl modules installed
        - DBI
        - MIME::Lite
        - Parallel::ForkManager
        - Date::Calc

3. Install and configure Nessus security scanner (visit www.nessus.org for details).  
	Nessus 2.x is recommended.  Nessus ver. 2.0.7 has been tested on RedHat Linux & OpenBSD.


4. Install the nmap port scanner (visit www.insecure.org for details).


5. (Optional) Install and configure the Nikto security scanner (visit www.cirt.net for details).
This is a recommended install.


6. Create the inprotect MySQL database from the inprotect sql directory: 
	# mysql < inprotect.sql

	NOTE: You may need to issue the command "# mysql -h localhost --user=root < sql/inprotect.sql" 


7. Copy the Inprotect PHP content to your web site.

	A.)  Copy the content of the inprotect html directory into the webserver accessible directory (usually /usr/local/apache/htdocs, /var/www/html in RedHat Linux or /var/www/htdocs in OpenBSD).

	B.)  Check the configuration of your config.php file.
	Settings to be concerned about:
	$dbtype="mysql";
	$dbhost="127.0.0.1";
	$dbuname="root";
	$dbpass="";
	$dbname="inprotect";


8. Copy content of the scripts folder into /usr/local/bin, make sure all perl scripts are executable.

9. Check inprotect.cfg file for correct system settings, default settings should work if the location of the Perl scripts is /usr/local/bin

(default perms of inprotect.cfg set to 644)

	A.)  You should have created a user with the nessus-adduser command.  Use those credentials here.

	B.)  You may want to consider setting NESSUSHOST to the actual IP address of your host.

	C.)  See that the DATABASEHOST is set to localhost

	D.)  DATABASEUSER is set to root with DATABASEPASSWORD set to nothing.

	E.)  Consider changing RESULTURL to your Fully Qualified Domain Name (FQDN) (example: www.inprotect.com is the FQDN for 207.173.224.30)

	F.)  You will want to consider changing the permissions to this file to something like 640.


10. Create the following directories: 
/usr/data/nessus
/usr/data/nmap

11. Create new cron jobs to run back end scripts. Sample schedule is in the "crontab" file.


12. Execute updateplugins.pl to populate the inprotect database with updated Nessus plugin data.

	NOTE:  You may want to do a:
	# tail -f /var/log/updateplugins    
	to get a grip on errors generated by the updateplugins.pl script.


13. Login to the website with username: Admin, password: password
If the login does not work then start by looking at the /var/www/logs/error_log or your web server error_log file to help double check your settings.


14. To Perform a Nessus Scan

	A.)  You need to create a profile first
	Select "Settings" -> "Nessus Scan Profiles" -> "Create New Profile" -> Fill Out Details -> Press "Save"
	
	B.)  Then Assign it to a user
	Select "Settings" -> "Nessus Scan Profiles" -> Select a Profile to assign to a user -> "Edit" -> "Edit Users" -> Select User(s) and "Add Users"

	C.)  Then pick a victim
	"Security Scan" -> "Nessus Scan" -> "New Schedule" -> Give it a name -> "Manage Hosts" -> Input IP(s) -> "Manage Schedule" -> Enter Appropriate Data -> "Submit"

	D.)  Then get your results
	Check the "Reports" link 
	or 
	"Security Scan" -> "Nessus Scan" -> "View runnings scans details"

15. To Perform a nmap scan
	"Security Scan" -> "Nmap Port Scan"


16. Have Fun!


17. Now set up your permissions correctly...

Please send your email to alex@inprotect.com with any questions and comments regarding software installation, documentation corrections, security issues and bugs.
Document updated: July 14, 2003 
