salt toturial step by step

SALT ( Port Scan Attack Detector ) Tutorial 

Q : How to configure salt
Q : Step by Step PSAD Configure

SALT : it's a automation tool like ceph, puppet , ansible

Hostname : linuxtopic.com

IP = 172.17.20.100



Step 1. A

Add Repository

A. Ubuntu 14.4 :

a. Run the following command to import the SaltStack repository key:

#wget -O - https://repo.saltstack.com/apt/ubuntu/14.04/amd64/latest/SALTSTACK-GPG-KEY.pub | sudo apt-key add -

b. Save the following file to /etc/apt/sources.list.d/saltstack.list:

deb http://repo.saltstack.com/apt/ubuntu/14.04/amd64/latest trusty main

c. Then update repository.

 apt-get update

B Ubuntu 16.4 :

a. Run the following command to import the SaltStack repository key:

wget -O - https://repo.saltstack.com/apt/ubuntu/16.04/amd64/latest/SALTSTACK-GPG-KEY.pub | sudo apt-key add -

b. Add  the following line in /etc/apt/sources.list.d/saltstack.list:

deb http://repo.saltstack.com/apt/ubuntu/16.04/amd64/latest xenial main

c. Then update repository.

 apt-get update

Step 1. B

Run the following commands to install the SaltStack repository and key:


C. CentOS7 & rhel7 :

sudo yum install https://repo.saltstack.com/yum/redhat/salt-repo-latest-1.el7.noarch.rpm

D. CentOS6 & rhel6 :

sudo yum install https://repo.saltstack.com/yum/redhat/salt-repo-latest-1.el6.noarch.rpm

Step 2  

Salt general installation process is as follows:

a.Make sure that your Salt minions can find the salt master.

b..Install the Salt minion on each system that you want to manage.

c.Accept the Salt minion key after the Salt minion connects.

Step 3

Salt Master installation and configuration:

ubuntu 14&16 :

sudo apt-get install salt-master

Rhel/CentOS 6&7:

sudo yum install salt-master

Step 4

Salt master configuration file:

vi /etc/salt/master

Edit the following lines:

#interface: 0.0.0.0 (uncomment and put your system ip address)

#publish_port: 4505 (uncomment the line)

#user: root (uncomment the line)

#ret_port: 4506 (uncomment the line)

#pidfile: /var/run/salt-master.pid (uncomment the line)

#pki_dir: /etc/salt/pki/master (uncomment the line)

#cachedir: /var/cache/salt/master (uncomment the line)

#pidfile: /var/run/salt-master.pid (uncomment the line)

#verify_env: True (uncomment the line)

#keep_jobs: 24 (uncomment the line)

#sock_dir: /var/run/salt/master (uncomment the line)

#file_roots: (uncomment the line)

# base: (uncomment the line)

# - /srv/salt/ (uncomment the line)

Save  and exit 

Step 5

Start salt-master service:

Ubuntu 14 and centos/rhel6:

sudo service salt-master start

Ubuntu 16 and Centos/Rhel7

systemctl start salt-master.service

Step 6


Salt-Minion Installation And Configuration:

Ubuntu 14 & 16:

sudo apt-get install salt-minion

Centos 6 & 7 :

sudo yum install salt-minion

Step 7


Salt master configuration file:

vi /etc/salt/minion

Uncomment & edit the following lines:

master: (master ip address"172.17.20.100" or domain name )
user: root
id: (xyz)

........

.......     Save and Exit 

S

Step 8

Start the service of salt minion

service salt-minion start (ubuntu14 & centos6) 

         systemctl start salt-minion.service (ubuntu16 & centos7) 

Step 9

Create Directory In Master System:

mkdir -p /srv/salt

Now Check the minion request on master system:

salt-key -L

Accepted Keys:

Denied Keys:

Unaccepted Keys: xyz

Rejected Keys:

Accept Minion key by command:

salt-key -A

Now connection is establish between master and minion.

Step 10

Automation type of salt: 

1. CLI Module (salt bash command if you have execute limited job perform)

2. State Module ( If you have to perform multiple jobs on minions.)

CLI Module:

In this module you can perform single task on minion like you want to create directory ram on minion so 

salt ‘*’ cmd.run ‘ mkdir /tmp/ram’

Here ‘*’ = all minion

Note: if you want to execute on single minion so you have mention its client id . If you want on xyz client so you will e execute 

salt xyz cmd.run ‘mkdir /tmp/ram’

you want execute ifconfig common on every minion 

salt ‘*’ cmd.run ‘ifconfig’

Step 11

Package installation on minion:-

salt ‘*’ pkg.install vim

State Module:-

In this phase of automation you can perform multiple task on minions. You can make own cookbook for you project.

Needs for salt state module.

1. Yaml Langaguge

2. Create /srv/salt directory to store your project cookbook

3. Knowldge of salt state function (file, git, apache, firewall etc)

Note: You have add .sls extension in your salt cookbook.

I am showing you example of psad cookbook.

1.Firstly go the /srv/salt directory:

2.And create psad.sls file.

3. Open file with ant text editor (i am using vim)

# vim psad.sls

psad:

pkg:

   - installed
   - show_changes: True


function1:

file.replace:

   - name: /etc/psad/psad.conf

   - pattern: 'EMAIL_ADDRESSES root@localhost;'

   - repl: 'EMAIL_ADDRESSES prashant.gupta@digivalet.com;'

   - show_changes: True

function2:

file.replace:

   - name: /etc/psad/psad.conf

   - pattern: '/var/log/messages'

   - repl: '/var/log/kern.log'

   - show_changes: True

function3:

file.replace:

    - name: /etc/psad/psad.conf

    - pattern: 'EMAIL_LIMIT 0;'

    - repl: 'EMAIL_LIMIT 1;'

    - show_changes: True

function4:

file.replace:

    - name: /etc/psad/psad.conf

    - pattern: 'IMPORT_OLD_SCANS N;'

    - repl: 'IMPORT_OLD_SCANS Y;'

    - show_changes: True

function5:

file.replace:

    - name: /etc/psad/psad.conf

    - pattern: 'ENABLE_AUTO_IDS N;'

    - repl: 'ENABLE_AUTO_IDS Y;'

    - show_changes: True

function6:

file.replace:

    - name: /etc/psad/psad.conf

    - pattern: 'AUTO_IDS_DANGER_LEVEL 5;'

    - repl: 'AUTO_IDS_DANGER_LEVEL 3;'

    - show_changes: True

function7:

file.replace:

    - name: /etc/psad/psad.conf

    - pattern: 'AUTO_BLOCK_TIMEOUT 3600;'

    - repl: 'AUTO_BLOCK_TIMEOUT 86400;'

    - show_changes: True


service1:  

service.running:

    - name: psad


Save  and Exit  file.

Now your PSAD project successfully install and configure..

Some Reference:

https://docs.saltstack.com/en/latest/