Home Tools - Ghosts Automation of NPCS
Post
Cancel

Tools - Ghosts Automation of NPCS

Institute for Pervasive Cybersecurity on Jun 182021-06-18T14:00:00+00:00
Updated Jul 192021-07-19T20:45:53+00:00 1 min read

Desktop View GitHub: https://github.com/cmu-sei/GHOSTS

Install

The install/config for ghosts requires a server and client. Easy installation uses docker. The client supports Windows and Linux machines. This guide uses Ubuntu for the server and client.

Ghost Linux Server Install

Install Docker

  • Dependencies
    1
2
3
4
5
6
7

      $ sudo apt-get update
  $ sudo apt-get install \
    apt-transport-https \
    ca-certificates \
    curl \
    gnupg \
    lsb-release
  • GPG key
    1

      $ curl -fsSL https://download.docker.com/linux/ubuntu gpg | sudo gpg --dearmor -o /usr/share/keyrings/docker-archive-keyring.gpg
  • Setup stable repo
    1
2
3

       $ echo \
    "deb [arch=amd64 signed-by=/usr/share/keyrings/docker-archive-keyring.gpg] https://download.docker.com/linux/ubuntu \
    $(lsb_release -cs) stable" | sudo tee /etc/apt/sources.list.d/docker.list > /dev/null

    Install Docker Engine

  • Get and Install Packages
    1
2

      $ sudo apt-get update
  $ sudo apt-get install docker-ce docker-ce-cli containerd.io
  • Verify install
    1

    $ sudo docker run hello-world

    Install Docker Compose

    • Download stable release
      1

       $ sudo curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose`
    • Allow execution for binary
      1

       $ sudo chmod +x /usr/local/bin/docker-compose
    • Test install
      1

       $ docker-compose --version

      Install the Server

    • Download the docker yaml
      1

      $ wget https://raw.githubusercontent.com/cmu-sei/GHOSTS/master/src/Ghosts.Api/docker-compose.yml
    • Stand up ghost containers
      1

      $ docker-compose up -d
    • Test API

      Navigate to http://localhost:5000/api/home

    • Set up Grafana
      1. Access Grafana at :3000 via web browser
      2. Default login admin/admin
      3. Set up a datasource named “ghosts” to the ghosts postgres database
      4. import https://github.com/cmu-sei/GHOSTS/blob/master/configuration/grafana/dashboards/GHOSTS-default%20Grafana%20dashboard.json

        If restarts occur due to insufficient permissions, chown the host location of the docker-compose file.

Ghost Linux Client Install

Ubuntu Install

  • .NET Install
    1
2
3

    $ wget https://packages.microsoft.com/config/debian/10/packages-microsoft-prod.deb -O packages-microsoft-prod.deb
$ sudo dpkg -i packages-microsoft-prod.deb
$ rm packages-microsoft-prod.deb

    1
2
3
4

    $ sudo apt-get update; \
  sudo apt-get install -y apt-transport-https && \
  sudo apt-get update && \
  sudo apt-get install -y aspnetcore-runtime-5.0
  • Download Client
Training-SOC, Tools
tools ghosts traffic generation soc client
Recent Update
Contents

Tools - Suricata

Tools - Security-Onion

Comments powered by Disqus.