Installation on Debian 10.8 (Buster)
Warning
Debian 10.8 (Buster) reached End Of Life (EOL) on June 30, 2024, and no longer receives security updates or patches. Please consider upgrading to a newer version of Debian.
Quick install
After obtaining the License Key, please use our interactive installation script to quickly install IDSTower:
$ curl -O https://download.idstower.com/install_script/1.1.1/install-IDSTower.sh
$ echo "a5489219322cc5b6f0907dc94a9c102e03879f482c0bf7135369ab08dc7be190 install-IDSTower.sh" \
| sha256sum -c -
$ bash install-IDSTower.sh -i
Manual install
Follow these steps to install IDSTower on Debian 10.8:
Add IDSTower repository
$ sudo apt update
$ sudo apt install -y curl gnupg2
$ curl -s https://download.idstower.com/repos/apt/idstower.key | gpg --dearmor | sudo tee /usr/share/keyrings/idstower.gpg > /dev/null
$ echo "deb [arch=amd64,arm64 signed-by=/usr/share/keyrings/idstower.gpg] https://download.idstower.com/repos/apt stable main" | sudo tee /etc/apt/sources.list.d/idstower.list
Add backports repository
$ source /etc/os-release && echo "deb http://deb.debian.org/debian ${VERSION_CODENAME}-backports main" | sudo tee /etc/apt/sources.list.d/${VERSION_CODENAME}-backports.list
$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0E98404D386FA1D9 6ED0E7B82643E131
Add MariaDB 10.6 repository
$ source /etc/os-release && echo "deb [arch=amd64,arm64] https://archive.mariadb.org/mariadb-10.6/repo/debian/ ${VERSION_CODENAME} main" | sudo tee /etc/apt/sources.list.d/mariadb.list
$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys F1656F24C74CD1D8
Install MariaDB and IDSTower
$ sudo apt update
$ sudo apt -t buster-backports install ansible -y
$ sudo apt install mariadb-server idstower -y
Start MariaDB database service
$ sudo systemctl enable mariadb.service
$ sudo systemctl start mariadb.service
$ sudo systemctl status mariadb.service
(Recommended) Run mariadb-secure-installation Script
$ sudo /usr/bin/mariadb-secure-installation
Create a database user for IDSTower
Note
Replace USERNAME and PASSWORD in the command below with your desired username and password for the IDSTower database user. The grant below applies to all databases on the server (*.*) and includes GRANT OPTION.
$ sudo mariadb -u root -p -e "GRANT ALL ON *.* TO 'USERNAME'@'localhost' IDENTIFIED BY 'PASSWORD' WITH GRANT OPTION; FLUSH PRIVILEGES;"
Edit the appsettings.json configuration file (located in /opt/idstower/) and set the following settings:
Set the LicenseKey value to the key you obtained from the license page.
Set the EncryptionKey value to a 64-character hexadecimal string (32 bytes). This key is used for secure storage of cluster keys and other secrets. You can generate one using:
$ openssl rand -hex 32
Set the URL value to the URL you want IDSTower to listen on (example: http://idstower.mydomain.local). This URL must be reachable from your Suricata hosts. You can use IP addresses as well (examples: http://10.0.0.5, http://10.0.0.5:8080).
Set the MySQL database settings (host, port, database name, username and password) via the Database key.
For more information on the configuration file, please refer to the IDSTower Configuration Guide page.
Run IDSTower with the --init-database option to initialize the database:
$ cd /opt/idstower/
$ sudo ./IDSTower --init-database
Note
If you wish to initialize the database manually, you can find the schema initialization script here: https://download.idstower.com/packages/latest/sql_scripts/
You can easily import the script by running the following command:
$ sudo mysql -u [username] -p [DatabaseName] < idstower_schema_script.sql
Add an admin user to IDSTower:
$ sudo ./IDSTower -a [Your Admin Username]
Example:
$ sudo ./IDSTower -a admin
Enable & Start IDSTower Service
$ sudo chown -R idstower:idstower /var/log/idstower/*
$ sudo systemctl enable idstower.service
$ sudo systemctl start idstower.service
Verify that IDSTower Service started correctly
$ sudo systemctl status idstower.service
Now you can access the IDSTower web interface using the URL set in your appsettings.json.
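As an added example (not part of the IDSTower documentation or product), the following Python script sanity-checks the appsettings.json values from the configuration step above, and the file's permissions, before the service is started. It assumes the LicenseKey, EncryptionKey, URL and Database keys sit at the top level of a plain JSON file; the function names, the sample values and the Database sub-key are constructed for illustration.

```python
import json, os, re, stat, sys
from urllib.parse import urlparse

HEX64 = re.compile(r"[0-9a-fA-F]{64}")
# Constructed sample with deliberate mistakes; not a real IDSTower config.
# The "Host" sub-key is hypothetical.
SAMPLE = {"LicenseKey": "", "EncryptionKey": "0" * 64,
          "URL": "http://localhost", "Database": {"Host": "localhost"}}

def check_settings(cfg):
    """Return a list of problems found in a parsed appsettings.json dict."""
    problems = []
    # Assumption: the four keys named in the guide sit at the top level
    # and the file is plain JSON without comments.
    if not str(cfg.get("LicenseKey", "")).strip():
        problems.append("LicenseKey is empty")
    key = str(cfg.get("EncryptionKey", ""))
    if not HEX64.fullmatch(key):
        problems.append("EncryptionKey is not 64 hex characters (32 bytes)")
    elif len(set(key.lower())) < 8:
        # Random output of `openssl rand -hex 32` uses nearly all 16 symbols.
        problems.append("EncryptionKey looks like a placeholder, not random")
    url = urlparse(str(cfg.get("URL", "")))
    if url.scheme not in ("http", "https") or not url.hostname:
        problems.append("URL must be an http(s) URL with a host")
    elif url.hostname in ("localhost", "127.0.0.1", "::1"):
        problems.append("URL is loopback; Suricata hosts cannot reach it")
    if not cfg.get("Database"):
        problems.append("Database settings are missing")
    return problems

def check_file_mode(path):
    """Flag a config file that other local users can read or write."""
    mode = stat.S_IMODE(os.stat(path).st_mode)
    if mode & 0o007:
        return ["%s is accessible to all local users (mode %o)" % (path, mode)]
    return []

if __name__ == "__main__":
    if len(sys.argv) > 1:  # e.g. /opt/idstower/appsettings.json
        with open(sys.argv[1]) as fh:
            found = check_settings(json.load(fh)) + check_file_mode(sys.argv[1])
        print("\n".join(found) or "no problems found")
        sys.exit(1 if found else 0)
    print("\n".join(check_settings(SAMPLE)))  # demo on the constructed sample
```

Run it with the path to the configuration file as its only argument; it exits non-zero when any check fails.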