The following procedure describes how to configure the DMZ host and the local host for installing Kaspersky CyberTrace Service on one computer (in this section, referred to as local) and Feed Utility on another computer (in this section, referred to as DMZ).
Configuring a DMZ host
To configure a DMZ host, do the following:
These settings will be used for the local host.
Also, add the PEM-formatted certificate for configuring Kaspersky feeds that will be used. It is not necessary to add the Kaspersky CyberTrace license key on the DMZ host, since the Community edition allows the configuration of all supported feed types. Adding a license key is obligatory on the local host.
Ensure that the feeds are configured correctly by running a feeds update in CyberTrace at least once.
If custom feeds were previously configured in Kaspersky CyberTrace, also save the httpsrv/etc/custom_feed_list.conf file for further use.
%service_dir%/dmz directory to a location other than the %service_dir% directory (for example, to the /opt or /usr/local/etc directory). Hereafter, the path to this directory will be referred to as %dmz_fu%.
If you have to add new feeds, install CyberTrace on the DMZ host again.
Settings > Feeds and Settings > ProxySettings from the exported kl_feed_util.conf file (see Step 4) to the %dmz_fu%/kl_feed_util.conf file (if the section is present in the target configuration file, replace this section).
Do not remove the kl_feed_util.conf file exported from CyberTrace or the kl_feed_service.conf file. These files will be used on the local host.
accepted in the Settings > EULA tag of the %dmz_fu%/kl_feed_util.conf file.
<WorkDir>tmp_download</WorkDir> in the Settings/WorkDir of the %dmz_fu%/kl_feed_util.conf file.
%dmz_fu%/cron_dmz.sh to the list of the cron tasks.
The cron_dmz.sh script enables downloading feeds on the DMZ host.
For example, specify the following line in the cron configuration file:
*/30 * * * * %dmz_fu%/cron_dmz.sh
In the example above, the cron_dmz.sh script runs once every 30 minutes. You can set your own schedule to run the script.
Make sure that the cron user has permission to run the %dmz_fu%/cron_dmz.sh file.
Configuring a local host
To configure a local host, do the following:
systemctl stop cybertrace.service command.
%service_dir%/bin/.need_run_wizard file.
This action disables the initial configuration wizard, since configuration was previously completed on the DMZ host.
%service_dir%/etc/kl_feed_util.conf and %service_dir%/etc/kl_feed_service.conf files with the files that were obtained in Step 4 of section "Configuring a DMZ host".
If custom feeds were previously configured in Kaspersky CyberTrace, replace or add (if the file was not present) the httpsrv/etc/custom_feed_list.conf file.
%service_dir%/etc/kl_feed_util.conf file, and then specify the following parameters:
<NotifyKTFS path="../bin">true</NotifyKTFS>
<WorkDir>output</WorkDir>
<FeedsDir>../feeds/download</FeedsDir>
%service_dir%/etc/kl_feed_service.conf file:
Configuration > InputSettings > ConnectionString
Configuration > GUISettings > HTTPServer > ConnectionString
Configuration > GUISettings > HTTPServer > ResourcesIP
Set 0 in the update_frequency attribute.
This customization is applied, since the feeds files loaded on the DMZ host will be periodically synchronized by CRON, not CyberTrace.
%service_dir%/dmz/feeds.pem file to feeds.pem.0 to avoid incorrect feeds updating when clicking the Launch update now button.
%service_dir%/scripts/cron_cybertrace.sh file, and then specify the following:
RSYNC_USER (user name on the DMZ host for authorization).
RSYNC_HOST (host name/IP address of the DMZ host).
PATH_TO_FEEDS (path to the %dmz_fu%/download directory on the DMZ host).
DOWNLOAD_DIR ("output").
SSH_KEY (make sure that you specified the same RSA key file path as described in Step 1 of section "Synchronizing directories that contain feeds").
%service_dir%/scripts/cron_cybertrace.sh to the list of the cron tasks.
The cron_cybertrace.sh script starts synchronizing the feeds files from the DMZ host. The example below shows that the cron_cybertrace.sh file is launched once every 30 minutes and is started with a five-minute delay relative to the cron_dmz.sh script on the DMZ host:
5-59/30 * * * * /opt/kaspersky/ktfs/scripts/cron_cybertrace.sh
You can set your own schedule to run the script.
Make sure that the cron user has permission to run the %service_dir%/scripts/cron_cybertrace.sh file.
Run the systemctl start cybertrace.service command.
Configuration > GUISettings > HTTPServer > ConnectionString.
Never for the Update frequency parameter.
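A pre-flight check for the kl_feed_util.conf values listed in both procedures and for the local-host file state, added here as an example (it is not Kaspersky's code). The function names are hypothetical, the service directory is passed as an argument, and the feeds.pem check assumes that step renames the file to feeds.pem.0.

```shell
#!/bin/sh
# Added example (not vendor code): checks the settings this procedure lists.
# Values are matched as fixed substrings, so indentation does not matter.

has_text() {   # has_text FILE TEXT
    grep -qF -- "$2" "$1"
}

# check_feed_util_conf dmz|local FILE
check_feed_util_conf() {
    cf_role=$1; cf_file=$2; cf_rc=0
    [ -r "$cf_file" ] || { echo "FAIL: cannot read $cf_file"; return 1; }
    case $cf_role in
        dmz)   set -- '<WorkDir>tmp_download</WorkDir>' ;;
        local) set -- '<NotifyKTFS path="../bin">true</NotifyKTFS>' \
                      '<WorkDir>output</WorkDir>' \
                      '<FeedsDir>../feeds/download</FeedsDir>' ;;
        *)     echo "FAIL: unknown role $cf_role"; return 1 ;;
    esac
    for cf_want in "$@"; do
        has_text "$cf_file" "$cf_want" ||
            { echo "FAIL: $cf_file lacks $cf_want"; cf_rc=1; }
    done
    return "$cf_rc"
}

# check_local_host SERVICE_DIR  (the directory the page calls %service_dir%)
check_local_host() {
    lh_dir=$1; lh_rc=0
    check_feed_util_conf local "$lh_dir/etc/kl_feed_util.conf" || lh_rc=1
    # Assumption: the feeds.pem step is a rename to feeds.pem.0.
    [ ! -e "$lh_dir/dmz/feeds.pem" ] ||
        { echo "FAIL: $lh_dir/dmz/feeds.pem still present"; lh_rc=1; }
    [ -e "$lh_dir/dmz/feeds.pem.0" ] ||
        { echo "FAIL: $lh_dir/dmz/feeds.pem.0 missing"; lh_rc=1; }
    # cron can start the sync script only if it is executable.
    [ -x "$lh_dir/scripts/cron_cybertrace.sh" ] ||
        { echo "FAIL: cron_cybertrace.sh is not executable"; lh_rc=1; }
    return "$lh_rc"
}

# Run against a real installation when a directory is given on the command line.
if [ "$#" -gt 0 ]; then check_local_host "$1"; fi
```

Run it as the cron user so that the executable test reflects what cron will see.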