Latest Posts

Install Vulture WAF Cluster in VMWare Workstation


Vulture WAF Modules and Engines

Web Application Firewall modules:
1. Clustered mod_security, using hiredis [blacklisting]
2. mod_defender, aka "Naxsi for Apache2" [whitelisting]
3. mod_svm [machine learning]


Filtering Engine:

Client  <--> FreeBSD pf  <-->  Apache httpd  <----> following filters :
1. IP Reputation (Immediate Block)
2. Geo IP (Immediate Block)
3. mod_vulture (Authentication & SSO)
4. mod_defender (Request scoring ++)
5. mod_security (Request scoring ++)
6. mod_svm (Request scoring ++)

Architecture




Installation Steps

1. Downloading: https://download.vultureproject.org/v4/12.1/isos/vulture4-12.1-amd64.ova
2. Double click downloaded ova file to import into VMWare workstation


For Cluster Primary node vul1: 
3. Start VM 
4. Log in Vulture with username/password: vlt-adm/vlt-adm 
5. type 'admin' to start configuration tool, 
6. set up network config (static ip 192.168.74.10), change hostname vul1,  
7. exit from 'admin'. 
8. execute "sudo /home/vlt-adm/gui/cluster_create.sh" and create an account for Web GUI interface. For example: admin / [email protected]
9. Open Web browser https://192.168.74.10:8000/ 
10. Log in with created Web GUI account, such as admin / [email protected]

For Cluster Secondary node vul2:
11. Same process for second node to log in, admin->change to static ip 192.168.74.11, change hostname to vul2
12. restart vul2 via admin->root shell-> 'reboot' or "shutdown -r now"



Web GUI Overview


Home:



Vulture-Applications

Vulture-Darwin


Vulture-engine


Vulture-nodes


Vulture-Services








YouTube










References:












No comments