[Bro] Bro Cluster using Vagrant Issues

Jon Schipp jonschipp at gmail.com
Thu Mar 10 16:11:07 PST 2016


The linked Vagrant configuration was used in the video and has been
recently updated -
https://github.com/jonschipp/vagrant/tree/master/bro-cluster
It will provision a Bro cluster with 3 machines - 1x manager, 2x worker
nodes. It automates the entire setup including the ssh configuration.

On Fri, Mar 4, 2016 at 7:21 AM, Cristian Daniel Barbaro <
cbarbaro at cert.unlp.edu.ar> wrote:

> You could make  cat .ssh / id_rsa.pub of master's file and then paste it
> into .ssh / authorized_keys file of each worker (if not exists, create it).
> Then you make sure if you can connect via ssh to each worker from master.
> Everything I do with root (in /root folder).
>
> Saludos.
>
> El 03/03/16 a las 13:35, Christopher De Jesus escribió:
>
> Well, that's the thing. I did it. not sure if I did it right, but I did
> what i know of RSA. I made the sss-keygen, used that same key and copied it
> into the shared folder and with the slave I took it and put it in the .ssh.
> Is there another way of doing it? Besides, every time I tried to do 'scp'
> it asked for the root password of the slave which I think it's a private
> key.
>
> On Wed, Mar 2, 2016 at 8:09 PM, Cristian Daniel Barbaro <
> <cbarbaro at cert.unlp.edu.ar>cbarbaro at cert.unlp.edu.ar> wrote:
>
>> Do you add ssh key of master in authorized_keys file in workers into .ssh
>> folder?
>> Maybe here is the problem.
>>
>> Sorry for my english.
>>
>> El 02/03/16 a las 18:01, Christopher De Jesus escribió:
>>
>> Hello, my name is Christopher and I’m doing undergrad research using Bro
>> to make an IDS for one of the servers of my mentor.
>>
>> One of my first approaches was to start doing this video:
>> <https://www.youtube.com/watch?v=it7SZli61ZM>
>> https://www.youtube.com/watch?v=it7SZli61ZM
>>
>> in which it setups a cluster using Vagrant. I’ve been struggling for at
>> least 5 days trying to make it work. I’ve changed permissions, ssh-keys,
>> etc.
>>
>> The thing is that every time is use ‘broctl’ and do ‘install’ or ‘deploy’
>> on it.. it says this:
>>
>>
>> Permission denied (publickey,password).
>>
>> Error: cannot create (some of the) directories
>> /nsm/bro,/nsm/bro/logs,/nsm/bro/spool,/nsm/bro/spool/tmp on node worker-1
>>
>>
>>  I used this site to install bro on Ubuntu of Vagrant:
>>
>> http://knowm.org/how-to-install-bro-network-security-monitor-on-ubuntu/
>>
>>
>>  So yeah, apparently my host doesn’t have control over its slaves even
>> tho’ I could ping to it. I used 10.2.2.10 for the host and 10.2.2.11 for
>> the slave in the Vagrantfile.
>>
>>
>>
>> Any other information that you guys need, let me know. This is pretty
>> much the overview of what i’ve done. Thank you in advance.
>>
>>
>> _______________________________________________
>> Bro mailing listbro at bro-ids.orghttp://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>>
>>
>> --
>> Cristian Daniel Barbaro
>> CERTUNLP
>> --
>>
>>
>
> --
> Cristian Daniel Barbaro
> CERTUNLP
> --
>
>
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>



-- 
Jon Schipp,
jonschipp.com, draconyx.net,  <http://goog_1056813495>open-nsm.net,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20160310/561e107c/attachment.html 


More information about the Bro mailing list