Monday, May 5, 2014

How to install Openfire 3.9.2 on Ubuntu Server 12.04 LTS


Dear readers,


I have been unable to find a complete guide on how to install Openfire on Ubuntu, so I have decided to write one for my own reference and for others who are interested in the how-to. I hope this is beneficial to anyone who needs to get this done. The aim is to make it as brief as possible.

1. On the Ubuntu Server 12.04



There are sometimes problems with DNS, so we have to edit the hostname in /etc/hosts as well.

$ sudo apt-get update
$ sudo apt-get upgrade
$ sudo vim /etc/hosts

Then add the following entry to /etc/hosts:

127.0.1.1 YourHostNameHere

Be sure to open the following ports for Openfire to work:
  • 3478 - STUN Service (NAT connectivity)
  • 3479 - STUN Service (NAT connectivity)
  • 5222 - Client to Server (standard and encrypted)
  • 5223 - Client to Server (legacy SSL support)
  • 5229 - Flash Cross Domain (Flash client support)
  • 7070 - HTTP Binding (unsecured HTTP connections)
  • 7443 - HTTP Binding (secured HTTP connections)
  • 7777 - File Transfer Proxy (XMPP file transfers)
  • 9090 - Admin Console (unsecured)
  • 9091 - Admin Console (secured)
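
One way to open these ports without exposing the admin console to every network, as an added example that is not part of the original post. It assumes ufw is the firewall in use and that 192.0.2.0/24 stands in for your own admin subnet; the split into client ports and admin ports is this example's choice, and both function names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post: print ufw rules for the ports
# listed above, keeping the admin console (9090/9091) off the public side.
# MGMT_NET is a hypothetical admin subnet (constructed documentation range).
MGMT_NET="${MGMT_NET:-192.0.2.0/24}"

# Ports from the list that XMPP clients must reach from anywhere.
CLIENT_PORTS="3478 3479 5222 5223 5229 7070 7443 7777"
# Admin console ports: allowed from MGMT_NET only.
ADMIN_PORTS="9090 9091"

# Emit one ufw command per port.
openfire_ufw_rules() {
    for port in $CLIENT_PORTS; do
        echo "ufw allow $port"
    done
    for port in $ADMIN_PORTS; do
        echo "ufw allow from $MGMT_NET to any port $port proto tcp"
    done
}

# Read `ufw status` output on stdin and print any admin console port that
# is still allowed from anywhere (IPv4 or IPv6). No output means none.
admin_ports_exposed() {
    awk '{ gsub(/\(v6\)/, "") }
         $2 == "ALLOW" && $3 == "Anywhere" {
             split($1, a, "/")
             if (a[1] == "9090" || a[1] == "9091") print a[1]
         }' | sort -u
}

# Review the printed rules, then apply them with:
#   openfire_ufw_rules | sudo sh
# and audit the result with:
#   sudo ufw status | admin_ports_exposed
openfire_ufw_rules
```

Allow your SSH port before enabling ufw, otherwise a remote session will be cut off.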

2. Install Java 8


(We have to do this manually since Ubuntu ditched Java a few years ago.)
(Contents are from this page: Link. Thanks to whoever posted it.)
$ sudo add-apt-repository ppa:webupd8team/java
$ sudo apt-get update
$ sudo apt-get install oracle-java8-installer
Once installed, running "java -version" in a terminal should output something like this:
$ java -version
java version "1.8.0"
Java(TM) SE Runtime Environment (build 1.8.0-b132)
Java HotSpot(TM) 64-Bit Server VM (build 25.0-b70, mixed mode)
Or, "javac -version":
$ javac -version
javac 1.8.0
And so on.

To automatically set up the Java 8 environment variables, you can install the following package:
$ sudo apt-get install oracle-java8-set-default

3. Download and Install Openfire 3.9.2


Use the wget command to download Openfire to a directory of your choice. In this case, I made a new folder in the home directory called 'installs' and navigated to it.

I then changed the name of the downloaded file to a more sensible one.

Untar it, and move the resulting openfire directory to /opt/

$ cd ~
$ mkdir installs
$ cd installs

$ wget "http://www.igniterealtime.org/downloadServlet?filename=openfire/openfire_3_9_2.tar.gz"

$ mv downloadServlet\?filename\=openfire%2Fopenfire_3_9_2.tar.gz openfire_3_9_2.tar.gz

$ tar -xzf openfire_3_9_2.tar.gz

$ sudo mv openfire /opt/

(You might want to change the version number if you are from the future...I mean if there's a newer version during the time of your installation.)
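
Since the tarball above is fetched over plain HTTP, it is worth checking it before the contents go into /opt. This is an added example, not part of the original post; verify_tarball is a hypothetical helper, and the expected SHA-256 value is a placeholder that has to come from a source you trust.

```shell
#!/bin/sh
# Added example, not from the original post.
# EXPECTED_SHA256 is a placeholder: obtain the real digest for your Openfire
# version from a trusted channel before running this.

# verify_tarball FILE EXPECTED_SHA256
# Succeeds only if the file's SHA-256 matches and no archive member is an
# absolute path or contains a ".." component.
verify_tarball() {
    file=$1
    expected=$2
    actual=$(sha256sum "$file" | cut -d' ' -f1)
    if [ -z "$actual" ] || [ "$actual" != "$expected" ]; then
        echo "checksum mismatch for $file" >&2
        return 1
    fi
    if tar -tzf "$file" | grep -Eq '^/|(^|/)\.\.(/|$)'; then
        echo "unsafe path inside $file" >&2
        return 1
    fi
    return 0
}

# Usage, replacing the bare untar and move:
#   verify_tarball openfire_3_9_2.tar.gz "$EXPECTED_SHA256" &&
#       tar -xzf openfire_3_9_2.tar.gz &&
#       sudo mv openfire /opt/
```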


4. Configure Openfire


(From: This guide, Thank you)

Edit the configuration file /opt/openfire/conf/openfire.xml, inserting your internal IP address in the <interface> section, and removing the "<!-- -->" comment markers that surround the <network> section. While not required, this action is helpful if your Linode has multiple IP addresses, and you wish to limit access to a single address.

File excerpt: /opt/openfire/conf/openfire.xml

<interface>12.34.56.78</interface>

- Add a symbolic link for the daemon script to /etc/init.d so that you can start the daemon with a call to service.
- Make Openfire start automatically when the server is rebooted.
- And then start Openfire.

$ sudo ln -s /opt/openfire/bin/openfire /etc/init.d/
$ sudo update-rc.d openfire defaults
$ sudo service openfire start

Now you can use your browser to navigate to your Openfire configuration page:

http://yourhostnameORipaddr:9090

Please refer to this guide on how to configure your settings on the configuration page. See the next section [5.] for your choice of a database.

5. MySQL or Openfire Embedded database (Ignore this one if you are not using a dedicated database)


You will be given a choice of database while going through the configuration page. If you don't feel the need to use a dedicated database, just choose the embedded database Openfire offers. On the other hand, it's a best practice to use a dedicated database server for your Openfire, which can be installed on your Ubuntu server. In this case, I chose MySQL, which comes handily with LAMP. Please follow the instructions below. (I figure that if you don't need LAMP, you could install just MySQL.)

(From this guide, Thank you.)

Install the LAMP stack (Linux, Apache, MySQL, PHP) with the command below:
$ sudo apt-get install lamp-server^
Install PHP5 (some applications require other PHP5 mods) with this command:
$ sudo apt-get install php5 php5-gd php5-mysql php5-curl php5-cli php5-cgi php5-dev
Install phpmyadmin (choose apache2 by hitting the space bar, then tab to OK and hit Enter).
$ sudo apt-get install phpmyadmin
Then create a database for your Openfire with your MySQL credentials:

$ mysqladmin -u username -p create [databaseName]
After this, you should be able to use your database in the Openfire configuration page.
Note: As a best practice, and for security purposes, it's vital to create a dedicated openfire user account, with its own credentials, to use the database. But this is beyond the scope of this guide. If you're a first-timer but want to try this out fast, just use the root account and password.
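
The dedicated account mentioned in the note, as an added example that is not part of the original post. The helper names openfire_db_sql and new_password are hypothetical, and it assumes MySQL runs on the same host as Openfire and that the database already exists from the mysqladmin step.

```shell
#!/bin/sh
# Added example, not from the original post. Database and account names are
# whatever you pass in; the password is generated, not a real credential.

# openfire_db_sql DBNAME DBUSER PASSWORD
# Prints SQL that creates DBUSER and limits it to DBNAME, instead of
# letting Openfire connect as the MySQL root account.
openfire_db_sql() {
    db=$1
    user=$2
    pass=$3
    # Accept only [A-Za-z0-9_] so no value can break out of the quoting.
    for v in "$db" "$user" "$pass"; do
        case $v in
            ''|*[!A-Za-z0-9_]*)
                echo "invalid database name, user or password" >&2
                return 1 ;;
        esac
    done
    cat <<EOF
CREATE USER '$user'@'localhost' IDENTIFIED BY '$pass';
GRANT ALL PRIVILEGES ON \`$db\`.* TO '$user'@'localhost';
EOF
}

# 32 hex characters taken from the kernel random number generator.
new_password() {
    head -c 16 /dev/urandom | od -An -tx1 | tr -d ' \n'
}

# Usage (run once, as a MySQL administrator):
#   pw=$(new_password)
#   openfire_db_sql openfire openfire "$pw" | mysql -u root -p
#   echo "Openfire database password: $pw"
# Then enter that user and password in the Openfire configuration page.
```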

6. Summary


Well that's it. I hope you enjoy the tutorial and hopefully it is as painless as I had wished it to be.
Have a great one guys!


Tuesday, February 25, 2014

Elitism Enhancements for Genetic Algorithm based Network Intrusion Detection System

Abstract:


Traditional signature-based Network Intrusion Detection Systems (NIDS) suffer from a high false negative rate because they can detect an intrusion only if there is an existing rule matching the particular real-time attack. The combination of Genetic Algorithms, network security schemes, and IDS practices has created a model of intelligence system that has the ability to derive new best-fit classification rules from already known attack patterns. Nevertheless, the existing NIDS approaches in this paradigm still experience substantial overhead and limited variety of resulting NIDS rules. We propose in this paper a new genetic algorithm-based NIDS called AceGA, which introduces three novel enhancements, namely Wildcard Weight Penalty, Ace Comparison Elimination, and Elite's Traits Induction. It is shown that AceGA provides decreased time overhead and better rules quality. For demonstration purposes, DARPA datasets from MIT Lincoln Lab are used for training and testing the intrusion detection rules. Several simulation experiments are conducted to evaluate the efficiency and effectiveness of each of our proposed enhancements including the overall capability of AceGA to detect our selected types of attacks with satisfactory true positive and false positive rates. Additional statistical results depicting the accuracy, precision, sensitivity, and specificity of the resulting rules are thoroughly analyzed.

Keywords: Genetic Algorithms, Intrusion Detection System, Network Security, Support-Confidence Framework, Evolutionary Process.

Tanapuch Wanwarang, Machigar Ongtang, "Elitism Enhancements for Genetic Algorithm based Network Intrusion Detection System", JCIT: Journal of Convergence Information Technology, Vol. 8, No. 17, pp. 31 ~ 42, 2013

http://www.aicit.org/jcit/global/paper_detail.html?jname=JCIT&q=4159

http://www.aicit.org/JCIT/ppl/JCIT4159PPL.pdf

Sunday, February 23, 2014

Published my first paper.

Dear all,

I haven't been posting on this blog for quite a while now that I've graduated. Got a job at Dimension Data, a system integration firm. Life is alright.

Nevertheless, my professor and I have been able to publish our paper:

"Elitism Enhancements for Genetic Algorithm based Network Intrusion Detection System"

Basically, it's about using a Genetic Algorithm to auto-generate intrusion detection rules from existing rules.

Please kindly read the abstract and view the paper here:
http://www.aicit.org/jcit/global/paper_detail.html?jname=JCIT&q=4159

Direct access to the paper (PDF format) here:
http://www.aicit.org/JCIT/ppl/JCIT4159PPL.pdf