#!/bin/bash
# Title: Install script for Big Brother
# Subject: I tried to make my notes a script this time.

# I'm reading the install directions, and following along with a shell scritp.

# create user
echo "Creating the group for big brother:  bigbrother"
if ( egrep "499|bigbrother" /etc/group )
then
	echo "group bigbrother does not exist, 499 is not used"
	echo "creating group big brother on 499"
	groupadd -g 499 bigbrother
else
   	echo "either bigbrother exits, or 499 is used"
	exit
fi

echo "create the big brother user:  bigbrother"
useradd -u 499 -g bigbrother -d /home/bigbrother -c "Big Brother" -s /bin/bash bigbrother -m

# look at the startup scritps for httpd.conf files.
# assign the location of the httpd.conf file to apache_config_file
apache_config_file=`grep -rn httpd.conf  /etc/init.d|sed 's/.*\(\/.*httpd.conf\).*/\1/' |sort -u`
echo "apache_config_file=$apache_config_file"

# find the main cgi-bin directory in the httpd.conf
# assing cgi-bin_dir the location of the cgi-bin dir.
cgi-bin_dir=grep -C20  \<Location\ \.*cgi-bin\> /etc/httpd/httpd.conf|grep \<Directory |sed 's/.* \"\(.*\)\".*/\1/'
echo "cgi-bin_dir=$cgi-bin_dir"

# make the cgi-bin dir for bb
mkdir /usr/local/httpd/cgi-bin/bb
# make the htdocs fir for bb
mkdir /usr/local/httpd/htdocs/bb

cp bb-1.8d1.tar.gz /home/bigbrother/
chown -R bigbrother:bigbrother /home/bigbrother

su - bigbrother
tar -zxvpf bb*.tar.gz
tar -xvpf *.tar

cd bb18d1
cd ./install
./bbconfig suse <<-EOF

Prevent the execution of BB as user 'root' (y/n) [y]: y
What will be the user ID of BB [bb]: bigbrother
Old-style directory structure (y/n): [n] n
Use FQDN (y/n): [y] n
What machine will be the BBDISPLAY [johns2]: johns2
What machine will be the BBPAGER [johns2]: johns2

Is this host a BBDISPLAY host (y/n): [y] 
Is this host a BBPAGER host (y/n): [y] 
Enter the default recipient: [root@localhost] john@stilen.com
Enter the base URL for BB [/bb]:
Enter CGI directory [/home/www/httpd/cgi-bin]: /usr/local/httpd/cgi-bin/bb
Enter the base URL of the CGI scripts [/cgi-bin]: /cgi-bin/bb
Enter web server user id [nobody]: wwwrun
Enter group name [nogroup]: nogroup
cd ../src
make
make install
cd ../..
chown -R bigbrother bbvar bb*
cd ../etc
echo "192.168.0.42 johns2 # BBDISPLAY BBPAGER BBNET" >> bb-hosts
./bbchkcfg.sh
cd ../..
ln -s bb18d1 bb
chown bigbrother:bigbrother bb
cd bb
chown -R bigbrother:bigbrother .
cd ..
chown -R bigbrother:bigbrother bbvar

ln -s /home/bigbrother/bb/www /usr/local/httpd/htdocs/bb
cd bb18d1
su - bigbrother
./runbb.sh start

# getting desperate:
  chown bigbrother:bigbrother /usr/local/httpd/htdocs/bb

# this fixed it ==> edit httpd.conf
<Directory />
    AuthUserFile  /etc/httpd/passwd
    AuthGroupFile /etc/httpd/group

    Options +FollowSymLinks +Multiviews
    AllowOverride None

</Directory>
<Directory "/usr/local/httpd/htdocs">

    Options Indexes +FollowSymLinks +Includes MultiViews
    AllowOverride None
    Order allow,deny
    Allow from all
        <IfModule mod_dav.c>
        DAV Off
        </IfModule>
<Files /usr/local/httpd/htdocs/index.htm*>
        Options -FollowSymLinks +Includes +MultiViews
</Files>
<Files test.php3>
        Order deny,allow
        deny from all
        allow from localhost
</Files>

</Directory>

------------------------------
su - bigbrother

vi README          to familiarize yourself with BB
vi README.INSTALL  and follow the instructions
    - stop and read README.SECURITY (2 pages)

su - bigbrother

#  Don't forget at the end of the installation process to 
chown -R bbuser:bbgroup bb<ver> bbvar


#-------------------------------
# snort2bb.pl
tar -zxvpf snort2bb-000831.tar.gz
cd  snort2bb-000831

 perl -MCPAN -e'install "Time::HiRes"'
 perl -MCPAN -e'install "File::Tail"'
 perl -MCPAN -e'install "IO::"'
 perl -MCPAN -e'install "IO"'

 BBDISPLAY=host IP address
 `uname -a` 		# on machine running snort
 ~bigbrother/bb/	# path to the Big Brother client (bb)
 path to /var/log/secure # default /var/log/snort/alert
 
 
 # run snort 
 /home/demarc/demarc/bin/demarcd -s 1
 
 
 # Arkeia
 cp bb-arkeia.sh ../bb/ext/
 chmod 755 ../bb/ext/bb-arkeia.sh 
 vi ../bb/ext/bb-arkeia.sh 
 	ARKIEA_POOLS
	ARKEIA_TAGS 
 vi /home/bigbrother/bb/etc/bbdef.sh
  #Append to Variale 
  BBEXT="bb-arkeia.sh"
vi  /home/bigbrother/bb_plugins/snort2bb-000831/startsnort.sh
    /usr/local/bin/snort -c  /home/demarc/demarc/conf/snort.conf  -oOq -h 192.168.0.0/24 -A fast&
cd bb_plugins/snort2bb-000831
cp snort2bb.pl startsnort.sh stopsnort.sh  ../../bb/ext/

######################33
# mtrg
cp bbmrtg.sh /home/bigbrother/bb/ext
chmod 555 /home/bigbrother/bb/ext/bbmrtg.sh
export BBHOME=/home/bigbrother/bb
cd $BBHOME
. ./etc/bbdef.sh
BBSLEEP=300;export BBSLEEP

mkdir /home/bigbrother/bb/mrtg
edit bbmrtg.sh 
  	RRD="/usr/bin/rrdtool"
	MRTGDIR="/home/bigbrother/bb/mrtg"
# monitoring/detecting VNC servers	
 cp bb-vnc.sh bb-vnc. bb-vnc.cfg.example ../bb/ext/
 mv bb-vnc.cfg.example bb-vnc.cf
 to      .helloworld    mkbb           pg             snort2bb.pl    stopsnort.sh


root /home/bigbrother/bb  602--> nedit etc/bbdef.sh
 
#BBEXT is set in runbb.sh
#		etc/bb-bbexttab 
#		etc/bbdef.sh
###############################
# bb-ntp  Install		
#vi bb-bbexttab  -->add bb-ntp.sh
#copy lines mentioned to bbsys.local
# 

# Checks for errors in:
# 	bdef.sh
#	bbinc.sh
#	bbsys.sh 
pushd $BBHOME/etc; ./bbchkcfg.sh; popd

# Checks for errors in:
#	bb-hosts
pushd $BBHOME/etc; ./bbchkhosts.sh; popd

# start it up:
# After start, examine the BBOUT file for errors

# When you have all of your hosts defined in etc/bb-hosts,
# create a tarball for BB clients of same OS and hardware 
$BBHOMEinstall/bbclient