TracNav menu
-
Definitions
-
Terms
- honeyclient
- firewall
- host
- remote resource
- internal network
- dmz network
-
Components
- HoneyClient::Agent
- HoneyClient::Manager
- HoneyClient::Util
-
FAQ
- General
- Licensing
- Troubleshooting
- Related Work
-
User Guide
- Setup Host
- Setup Firewall VM
- Setup Honeyclient VM
- Setup Drone
- Startup
- Notes
- Troubleshooting
-
Developer Guide
- Repository Layout
- Code Stability Status
- Anonymous Checkout
- Authenticated Checkout
- Committing Code
- Packaging
-
Methodologies
- Lockdown VM Guide
- Registry Parsing
- Scanning Active Content
- Scoring HTML Links
Drone User Guide
Here you'll find how to install, configure, and administer the Drone service. The Drone service consists of a MySQL database and a Ruby on Rails web service. It can be installed on any host system.
If you have a single host system with one Manager, then it is recommended that the Drone service be installed on the same host system. However, one Drone service can support multiple Managers running on various host systems. Therefore, if you have multiple Managers, it is recommended that the Drone service be installed on a single system that each Manager can contact directly.
- MySQL
- Ruby
- Create a Drone User Account
- Download the Drone Package
- Rails
- Start the Drone Service
- Access the Drone Service
MySQL
Install MySQL
The Honeyclient Drone database components were tested for compatibility with MySQL. Installation documentation can be found at the MySQL website.
Start MySQL Server
This can usually be accomplished by executing the following command as root:
# /etc/init.d/mysql start
However, this command may vary for certain OS distributions.
Add MySQL to System Startup
Refer to your OS distribution's documentation for adding MySQL as a startup service. Verify that MySQL automatically starts when the Drone system reboots.
Set the MySQL Root Password
Set the MySQL root password, if you didn't already do so during installation. This can be accomplished by connecting to the MySQL database console and typing the following commands:
mysql> UPDATE mysql.user SET Password=PASSWORD('root_pass') WHERE User='root';
Create the Drone Service Account
Set the user account that the Ruby on Rails web service will use to interact with the MySQL database.
mysql> GRANT ALL ON drone_development.* TO 'drone_user'@'127.0.0.1' IDENTIFIED BY 'drone_pass'; mysql> GRANT ALL ON drone_test.* TO 'drone_user'@'127.0.0.1' IDENTIFIED BY 'drone_pass'; mysql> GRANT ALL ON drone_production.* TO 'drone_user'@'127.0.0.1' IDENTIFIED BY 'drone_pass';
If the user 'drone_user' does not exist, these statements will create this account.
Ruby
Install Ruby
Most of the Drone components were developed using Ruby. Installation of Ruby is well documented and varies depending on the OS. If your OS package management system does not provide Ruby, download it at:
Note: Header files will be required for compiling extension modules. Certain distributions including Ubuntu and Debian will require you to apt-get ruby1.8-dev as well.
Install RubyGems (Latest Version)
RubyGems is a packaging system for Ruby components that must be installed. You can download it at:
Install the RubyGem: hpricot (Latest Version)
The hpricot gem is required for the Drone service. Once RubyGems is installed, execute the following as root:
# gem install hpricot
Install the RubyGem: RbYAML (Latest Version)
The RbYAML gem is required for the Drone service. Once RubyGems is installed, execute the following as root:
# gem install RbYAML
Install Rake (Latest Version)
Rake (or Ruby Make) is a build program for Ruby, similar to make that must be installed. You can download it at:
Create a Drone User Account
Create a user account on the Drone system and change to the user's home directory (e.g., /home/user). If you're installing the Drone service on the host system, then this user directory can also be where the honeyclient package was extracted, as well.
Download the Drone Package
Download and extract the latest version of Drone package from the downloads page.
Note: This guide assumes the data has been downloaded/extracted to the /home/user/drone directory.
Rails
The Drone application can operate in 3 modes: production, development, or test. By default, it will use the development mode. In order to use a different environment, you'll need to specify an environment. This can be done by prefixing all rake commands with the RAILS_ENV environment variable. In all our examples, we assume the application will run in production mode.
Modify Connection Settings
The Drone application must be configured to access your database. In order to do this, edit the file: ~/drone/config/database.yml. Change all references of drone_user and drone_pass to the actual username and password used when you created the MySQL Drone service account.
cd ~/drone vi config/database.yml
Create the Database
To create the database, execute the following command:
$ cd ~/drone $ RAILS_ENV=production rake db:create
Create the Tables
To migrate to the current version of the database, execute the following command:
$ cd ~/drone $ RAILS_ENV=production rake db:migrate
Start the Drone Service
In order to use the services provided by Drone, application must be available on a web server. By default, we provide the WEBrick daemon, which can be executed, as follows:
$ cd ~/drone $ ruby script/server -e production
Access the Drone Service
To access the Drone service, launch a web browser and specify the Drone system's URL, as follows:
http://<drone_ip_address>:3000
The default login for the web interface is:
user: admin
pass: test
Note: This interface is considered beta. It is recommended analysts also use the MySQL Query Browser for additional data views.
