Installation on Debian 11.4 (Bullseye)

Quick install

After obtaining the License Key, please use the our interactive installation script to quickly install IDSTower:

$ curl -O https://download.idstower.com/install_script/1.0.7/install-IDSTower.sh
$ echo "c07445dd1a1579e9ace54761bf4c1506c5edc1fa66aad4af46c4037f27beafe7 install-IDSTower.sh" \
 | sha256sum -c -
$ bash install-IDSTower.sh -i

Manual install

Please follow the following steps to install IDSTower on Debian 11.4:

  1. Add IDSTower repository

$ sudo apt update
$ sudo apt install -y curl gnupg2
$ curl -s https://download.idstower.com/repos/apt/idstower.key | gpg --dearmor | sudo tee /usr/share/keyrings/idstower.gpg > /dev/null
$ echo "deb [arch=amd64,arm64 signed-by=/usr/share/keyrings/idstower.gpg] https://download.idstower.com/repos/apt stable main" | sudo tee /etc/apt/sources.list.d/idstower.list
  1. Add backports repository

$ source /etc/os-release && echo "deb http://deb.debian.org/debian ${VERSION_CODENAME}-backports main" | sudo tee /etc/apt/sources.list.d/${VERSION_CODENAME}-backports.list
$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 0E98404D386FA1D9 6ED0E7B82643E131
  1. Add MariaDB 10.6 repository

$ source /etc/os-release && echo "deb [arch=amd64,arm64] https://archive.mariadb.org/mariadb-10.6/repo/debian/ ${VERSION_CODENAME} main" | sudo tee /etc/apt/sources.list.d/mariadb.list
$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys F1656F24C74CD1D8
  1. Install MariaDB and IDSTower

$ sudo apt update
$ sudo apt -t bullseye-backports install ansible -y
$ sudo apt install mariadb-server idstower -y
  1. Start MariaDB database service

$ sudo systemctl enable mariadb.service
$ sudo systemctl start mariadb.service
$ sudo systemctl status mariadb.service
  1. (Recommended) Run mariadb-secure-installation Script

$ sudo /usr/bin/mariadb-secure-installation
  1. Create a database user for IDSTower

Note

Change USERNAME and PASSWORD in the command below with your desired username and password for IDSTower database user

$ sudo mariadb -u root -p -e "GRANT ALL ON *.* TO 'USERNAME'@'localhost' IDENTIFIED BY 'PASSWORD' WITH GRANT OPTION; FLUSH PRIVILEGES;"
  1. Edit the appsettings.json configuration file (located in: /opt/idstower/) and set the following settings

    • set the LicenseKey key value with the key you obtained from the license page.

    • set the URL key value with the url you want IDSTower to listen to (example: http://idstower.mydomain.local), this url must be reachable from your Suricata hosts, note that you can use ip addresses as well (examples: http://10.0.0.5, http://10.0.0.5:8080).

    • set the MySQL Database settings like host, port, database name, username & password via the Database key.

  2. run IDSTower with –init-database option to initialize the database:

$ cd /opt/idstower/
$ sudo ./IDSTower --init-database

Note

If you wish to initialize the database manually, you can find the schema initialization script here: https://download.idstower.com/packages/latest/sql_scripts/

You can easily import the script by running the following command:

$ sudo mysql -u [username] -p [DatabseName] < idstower_schema_script.sql
  1. Add an admin user to IDSTower:

$ sudo ./IDSTower -a [Your Admin Username]

example:

$ sudo ./IDSTower -a admin
  1. Enable & Start IDSTower Service

$ sudo chown -R idstower:idstower /var/log/idstower/*
$ sudo systemctl enable idstower.service
$ sudo systemctl start idstower.service
  1. Verify that IDSTower Service started correctly

$ sudo systemctl status idstower.service
  1. Now you can access IDSTower web interface using the url set in your appsettings.json