{"id":2863,"date":"2016-06-17T07:38:06","date_gmt":"2016-06-17T07:38:06","guid":{"rendered":"http:\/\/www.pir8geek.com\/?p=2863"},"modified":"2016-06-17T07:38:06","modified_gmt":"2016-06-17T07:38:06","slug":"shadowd-shadow-daemon-web-application-firewall-server","status":"publish","type":"post","link":"https:\/\/www.jameseduard.com\/?p=2863","title":{"rendered":"Shadowd &#8211; The Shadow Daemon Web Application Firewall Server"},"content":{"rendered":"<p><strong>Shadow Daemon<\/strong> is a collection of tools to <strong>detect<\/strong>, <strong>record<\/strong> and <strong>prevent<\/strong> <strong>attacks<\/strong> on <em>web applications<\/em>. Technically speaking, Shadow Daemon is a <strong>web application firewall<\/strong> that intercepts requests and filters out malicious parameters. It is a modular system that separates web application, analysis and interface to increase security, flexibility and expandability.<br \/>\nThis is the main component that handles the analysis and storage of requests.<br \/>\n<strong>Installation<\/strong><br \/>\nThe easiest way to install the main component of Shadow Daemon &#8211; the background server &#8211; is to use the package manager of your distribution or Docker.<br \/>\n<strong>Debian \/ Ubuntu<\/strong><br \/>\nThe package is still awaiting sponsorship, so it is not possible to install it with apt-get from the official repositories yet. Please download and install the deb package manually instead.<\/p>\n<pre>dpkg -i shadowd_2.*.deb\napt-get -f install\n<\/pre>\n<p>On Ubuntu you can also use the PPA to install the package:<\/p>\n<pre>add-apt-repository ppa:zit-hb\/shadowd\napt-get update\napt-get install shadowd\n<\/pre>\n<p><strong>Red Hat \/ CentOS<\/strong><br \/>\nThe package is still awaiting sponsorship, so it is not possible to install it with yum from the official repositories yet. 
Please <a href=\"https:\/\/shadowd.zecure.org\/files\/redhat\/\" target=\"_blank\" rel=\"noopener noreferrer\">download<\/a> and install the rpm package manually instead. For some of the dependencies you will need the EPEL repository (Extra Packages for Enterprise Linux).<\/p>\n<pre>yum install epel-release\n\nyum localinstall shadowd-2.*.rpm\nsystemctl enable shadowd\n<\/pre>\n<p><strong>Preparation<\/strong><br \/>\nUse cmake to configure and prepare the project. It is a good idea to create a separate directory for this. A typical installation might look like this.<\/p>\n<pre>mkdir build\ncd build\ncmake -DCMAKE_INSTALL_PREFIX:PATH=\/usr -DCMAKE_BUILD_TYPE=Release ..\n<\/pre>\n<p><strong>Compilation:<\/strong><br \/>\nIf cmake is successful it creates a makefile. Use it to compile and install the project.<\/p>\n<pre>make shadowd\nmake install\n<\/pre>\n<p><strong>Database:<\/strong><br \/>\nInstall and configure a database server. At the moment shadowd officially supports PostgreSQL and MySQL. Afterwards create a new user and database for shadowd and import the correct layout.<br \/>\nIf you are using PostgreSQL you can use psql to import the layout.<\/p>\n<pre>psql -Ushadowd shadowd &lt; \/usr\/share\/shadowd\/pgsql_layout.sql\n<\/pre>\n<p>If you are using MySQL you can use mysql to import the layout. The user requires the CREATE ROUTINE privilege.<\/p>\n<pre>mysql -ushadowd -p shadowd &lt; \/usr\/share\/shadowd\/mysql_layout.sql\n<\/pre>\n<p><strong>Configuration:<\/strong><br \/>\nThe installer copies the configuration file to \/etc\/shadowd\/shadowd.ini. The file is annotated and should be self-explanatory.<\/p>\n<p style=\"text-align: center;\"><a href=\"https:\/\/github.com\/zecure\/shadowd\">Download Shadowd<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Shadow Daemon is a collection of tools to detect, record and prevent attacks on web applications. 
Technically speaking, Shadow Daemon is a web application firewall that intercepts requests and filters out malicious parameters. It is a modular system that separates web application, analysis and interface to increase security, flexibility and expandability. This is the main<\/p>\n","protected":false},"author":1,"featured_media":2865,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[615,278],"tags":[699,239,31,700],"class_list":["post-2863","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-vulnerability-scanner","category-web-application","tag-analysis","tag-database","tag-firewall","tag-postresql"],"_links":{"self":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts\/2863","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=2863"}],"version-history":[{"count":0,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=\/wp\/v2\/posts\/2863\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=2863"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=2863"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jameseduard.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=2863"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}