Step-by-Step Guide to Install Maltrail on Ubuntu 20.04 LTS

Maltrail is a free and open-source system for detecting malicious traffic. It helps discover unknown threats, which can be monitored through its web interface.

It has three components:

  • Sensor: monitors traffic for threats.
  • Server: provides the web interface for detected malicious traffic.
  • Client: provides visualization and reporting.

There are a few steps to install Maltrail on Ubuntu:

Step 1: Update the System.

apt-get update

Step 2: Install the required packages.

apt-get install python-setuptools python3-pcapy

Step 3: Clone the Maltrail repository.

git clone https://github.com/stamparm/maltrail.git

Step 4: Change into the directory and start the Maltrail sensor.

cd maltrail/
python3 sensor.py &

  • Start the Maltrail server.

python3 server.py &

Step 5: Open the following port on the UFW firewall.

ufw allow 8338/tcp

Step 6: Access the Maltrail web interface.

http://server-ip:8338

  • By default, the username is admin and the password is changeme!
  • Click on Log In.

  • Maltrail is now ready.

Step 7: Change the admin password.

echo -n 'password_here' | sha256sum | cut -d " " -f 1
echo -n 'password' | sha256sum | cut -d " " -f 1

  • Copy the command output.

  • Edit the Maltrail configuration file.

vim /home/ubuntu/maltrail/maltrail.conf

  • Change the username and paste the command output in place of the password hash.
  • Add the following lines:

USERS
    Admin:5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8:0: ## New credentials

  • Kill the running server process and start the Maltrail server again.

pkill -f server.py
python3 server.py &

  • Now open the Maltrail web interface with the new credentials.
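
The password change above, as an added example that is not part of the original guide or the Maltrail project: it hashes a password read from stdin instead of a quoted command argument, builds the USERS entry, and lists accounts whose hash still matches one of the two passwords printed in this guide. The function names, the sample configuration and the UID 1000 entry are constructed for illustration; the entry layout is assumed from the USERS line shown above.

```shell
#!/bin/sh
# Added example (not from the Maltrail project). Assumes sha256sum and awk.

# Hex SHA-256 of the first line on stdin, newline excluded; the password is
# read from stdin so it is not typed as a command argument.
hash_password() {
    IFS= read -r pw || true
    printf '%s' "$pw" | sha256sum | cut -d ' ' -f 1
}

# Build a USERS entry for user $1 (password on stdin), UID 0 as in the guide.
user_line() {
    printf '    %s:%s:0:\n' "$1" "$(hash_password)"
}

# List users in file $1 whose hash is one of the two passwords printed in
# this guide. Layout assumed: indented name:hash:UID: lines under USERS.
weak_users() {
    weak="$(echo 'changeme!' | hash_password) $(echo 'password' | hash_password)"
    awk -v weak="$weak" '
        BEGIN { n = split(weak, w, " "); for (i = 1; i <= n; i++) bad[w[i]] = 1 }
        { sub(/[ \t]*#.*/, "") }                      # drop comments
        /^[ \t]*$/ { next }                           # skip blank lines
        /^[^ \t]/  { in_users = ($0 == "USERS"); next }
        in_users   { gsub(/[ \t]/, ""); split($0, f, ":")
                     if (f[2] in bad) print f[1] }
    ' "$1"
}

# Constructed sample configuration, not a real deployment.
sample_conf() {
    cat <<EOF
USERS
    admin:$(echo 'changeme!' | hash_password):0:          # default login
    Admin:$(echo 'password' | hash_password):0:           ## New credentials
    analyst:$(echo 'constructed long passphrase' | hash_password):1000:
HTTP_PORT 8338
EOF
}

conf=$(mktemp)
sample_conf > "$conf"
echo "Accounts still using a password printed in this guide:"
weak_users "$conf"
rm -f "$conf"
```

Running weak_users against the real maltrail.conf after the restart confirms that neither the default login nor the example password is still accepted.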

 
