IntelMQ and other component installation
In this post we will be installing IntelMQ, IntelMQ API and IntelMQ Manager. We will be following the original guide provided by the developer.
A point to note: I initially tried to install the software on an LXC system. Unfortunately, I failed when installing it onto that platform, and after a couple of tries I found that it was quite impossible to install and bring the system back up. I then shifted to an Ubuntu 20.04 system and found it to be working.
We will be using the package method to install into the system. We will use the following commands to enter data into the sources.list and install the packages. On some systems the curl command is not present; we will use the following commands to install it.
sudo apt update
sudo apt install curl gpg
Now we will add the following repository entry into the sources.list so that we can pull the packages directly:
echo 'deb http://download.opensuse.org/repositories/home:/sebix:/intelmq/xUbuntu_20.04/ /' | sudo tee /etc/apt/sources.list.d/home:sebix:intelmq.list
curl -fsSL https://download.opensuse.org/repositories/home:sebix:intelmq/xUbuntu_20.04/Release.key | gpg --dearmor | sudo tee /etc/apt/trusted.gpg.d/home_sebix_intelmq.gpg > /dev/null
sudo apt update
sudo apt install intelmq intelmq-api intelmq-manager -y
After downloading and installing the packages, it will ask for the IntelMQ API authentication. In this case we have used the username user1 and pressed Enter to continue.
Confirm the password.
Unless you know what you are doing, selecting Yes is a good idea. As of now we are installing a fresh system and have no previous data, and the primary objective is to bring up the system.
After all of the tasks have been completed, we can browse to the URL provided below to access the intelmq-manager web interface.
If we browse, we will get the prompt as provided below:
Then we will have to log in. The credentials are the username and password we provided above.
Now navigate to the management page and enable the bots to see if everything is working or not.
After the installation, we can see that another user called intelmq was created. Its details can be seen in the following entry:
intelmq:x:998:998:user running intelmq:/var/lib/intelmq/:/bin/bash
Please keep in mind that this user will be used to run the intelmq services and other code, so you will need to keep this in mind if you are using any file-system based collections.
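As an added example (not part of the original guide or of the IntelMQ project), the following Python check reports which path component would stop the intelmq account from reading a file that a file-system based collector is pointed at. It assumes the UID/GID 998 from the entry above and looks only at the classic owner/group/other mode bits (no ACLs or supplementary groups); the function names are hypothetical.

```python
import os
import stat
import sys

# UID/GID taken from the passwd entry shown above; they may differ on your host.
INTELMQ_UID = 998
INTELMQ_GID = 998


def mode_allows(st, uid, gid, need):
    """True if the owner/group/other mode bits grant `need` (r=4, w=2, x=1)."""
    if st.st_uid == uid:
        bits = (st.st_mode >> 6) & 7
    elif st.st_gid == gid:
        bits = (st.st_mode >> 3) & 7
    else:
        bits = st.st_mode & 7
    return bits & need == need


def first_blocker(path, uid=INTELMQ_UID, gid=INTELMQ_GID, base="/"):
    """Return the first component between `base` and `path` that stops
    uid/gid from reading `path`, or None if nothing blocks it."""
    path, base = os.path.realpath(path), os.path.realpath(base)
    chain = [path]
    while chain[-1] != base and os.path.dirname(chain[-1]) != chain[-1]:
        chain.append(os.path.dirname(chain[-1]))
    # Every ancestor directory must be searchable (x) by the account.
    for directory in reversed(chain[1:]):
        if not mode_allows(os.stat(directory), uid, gid, 1):
            return directory
    st = os.stat(path)
    # A directory needs r+x to be listed, a regular file only r.
    need = 5 if stat.S_ISDIR(st.st_mode) else 4
    return None if mode_allows(st, uid, gid, need) else path


if __name__ == "__main__":
    # Usage: python3 check_intelmq_access.py /path/to/feed.csv ...
    for target in sys.argv[1:]:
        blocker = first_blocker(target)
        print(f"{target}: {'readable' if blocker is None else 'blocked at ' + blocker}")
```

When a path is reported as blocked, fix the permissions on the named component rather than widening access on the whole tree.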
Unfortunately, I have spent a significant time trying to install it into