James Eduard

James Eduard

  • Vulnerability Scanner
  • Web Application

    • Shadowd – The Shadow Daemon Web Application Firewall Server

    pir8g33k2 mins0

    Shadow Daemon is a collection of tools to detect, record and prevent attacks on web applications. Technically speaking, Shadow Daemon is a web application firewall that intercepts requests and filters out malicious parameters. It is a modular system that separates web application, analysis and interface to increase security, flexibility and expandability.
    This is the main component that handles the analysis and storage of requests.
    Installation
    The easiest way to install the main component of Shadow Daemon – the background server – is to use the packet manager of your distribution or Docker.
    Debian / Ubuntu
    The package is still awaiting sponsorship, so it is not possible to install it with apt-get from the official repositories yet. Please download and install the deb package manually instead.

    dpkg -i shadowd_2.*.deb
apt-get -f install

    On Ubuntu you can also use PPA to install the package:

    add-apt-repository ppa:zit-hb/shadowd
apt-get update
apt-get install shadowd

    Red Hat / CentOS
    The package is still awaiting sponsorship, so it is not possible to install it with yum from the official repositories yet. Please download and install the rpm package manually instead. For some of the dependencies you will need the EPEL repository (extra packages for enterprise linux).

    yum install epel-release

yum localinstall shadowd-2.*.rpm
systemctl enable shadowd

    Preparation
    Use cmake to configure and prepare the project. It is a good idea to create a separate directory for this. A typical installation might look like this.

    mkdir build
cd build
cmake -DCMAKE_INSTALL_PREFIX:PATH=/usr -DCMAKE_BUILD_TYPE=Release ..

    Compilation:
    If cmake is successful it creates a makefile. Use it to compile and install the project.

    make shadowd
make install

    Database:
    Install and configure a database server. At the moment shadowd officially supports PostgreSQL and MySQL. Afterwards create a new user and database for shadowd and import the correct layout.
    If you are using PostgreSQL you can use psql to import the layout.

    psql -Ushadowd shadowd < /usr/share/shadowd/pgsql_layout.sql

    If you are using MySQL you can use mysql to import the layout. The user requires the CREATE ROUTINE privilege.

    mysql -ushadowd -p shadowd < /usr/share/shadowd/mysql_layout.sql

    Configuration:
    The installer copies the configuration file to /etc/shadowd/shadowd.ini. The file is annotated and should be self-explanatory.

    Download Shadowd

    pir8g33k

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    Related Articles

    2 mins
    You May Have Missed