AED Installation Guide

Introduction

AED is designed to integrate with your existing operating system. If your environment is customized in ways that deviate from the OS vendor's designed standards and packaging, consult our services group for a custom solution.


Before You Start

Please note: If you purchased a Rules Only subscription, please follow the instructions here: https://www.atomicorp.com/wiki/index.php/Atomic_ModSecurity_Rules#Optional_Manual_Installation

If you purchased Atomic Secured Linux, then continue reading this document.


Prerequisites

Please ensure that your system meets all prerequisites before installing AED. The AED prerequisites page includes important information outlining the system requirements for AED to install and function correctly, as well as recommendations for it to perform optimally.


Installation and Downloads

Command Line Installation:

Step 1: Read the Notes
  • Confirm that your system meets the AED requirements, which are documented on the AED Prerequisites page.

Note

AED will harden your system, so when building a new system or installing other software, we recommend installing AED last so that it can harden your system with all software installed.

Step 2: Run the Automated AED Installer:

  • Become root on your system. To become root, run this command:

    su -

    Then enter your root password.

  • Cut and paste the command below, and run this command as root.

    wget -q -O - https://updates.atomicorp.com/installers/asl |sh
    

    Follow the instructions in the installer, being sure to answer the configuration questions appropriately for your system.

    Note

    You must have a version of WGET that supports HTTPS to install AED, as described on the prerequisites page.

    If you do not get any output from the installation command, it is likely that wget was replaced with a version that does not support HTTPS. Please see this article to test if your WGET supports SSL.

    See the unattended installs article for advanced instructions for unattended installations.
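The note above describes a silent failure when wget lacks HTTPS support. The following is an added example, not part of Atomicorp's documentation: it checks wget for HTTPS support and saves the installer to a file so an empty download is detected and the script can be reviewed before it runs as root. The function names, the sample version strings and the output path are assumptions, as is the expectation that the installer behaves the same when run from a saved file.

```shell
#!/bin/sh
# Added example (not Atomicorp's code): fetch the installer to a file and
# sanity-check it before running it, instead of piping wget into sh.

INSTALLER_URL="https://updates.atomicorp.com/installers/asl"  # URL from this page

# Constructed samples of the feature lines printed by `wget --version`.
SAMPLE_WITH_HTTPS="GNU Wget (constructed sample)
+digest +https +ipv6 +large-file +nls +ssl/openssl"
SAMPLE_WITHOUT_HTTPS="GNU Wget (constructed sample)
+digest -https +ipv6 +large-file +nls"

# Succeeds only if the `wget --version` text passed in $1 lists "+https".
# GNU wget marks compiled-in features with "+" and missing ones with "-".
wget_has_https() {
    printf '%s\n' "$1" | grep -Eq '(^|[[:space:]])\+https([[:space:]]|$)'
}

# Succeeds only if $1 is a regular, non-empty file. A silent HTTPS failure
# leaves an empty file here, where the piped form just prints nothing.
installer_file_ok() {
    [ -f "$1" ] && [ -s "$1" ]
}

# Download to $1 (hypothetical path chosen by the caller); does not execute it.
fetch_installer() {
    out="$1"
    if ! wget_has_https "$(wget --version 2>/dev/null)"; then
        echo "wget on this host does not report HTTPS support" >&2
        return 2
    fi
    if ! wget -q -O "$out" "$INSTALLER_URL"; then
        echo "download failed; nothing was executed" >&2
        return 3
    fi
    if ! installer_file_ok "$out"; then
        echo "installer is missing or empty; nothing was executed" >&2
        return 4
    fi
    echo "saved to $out; review it, then run as root: sh $out"
}

# Typical use, run as root:
#   fetch_installer /root/asl-installer.sh
```

A wget build that does not print GNU-style feature flags is treated as lacking HTTPS support, which fails closed.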

Step 3: (Optional) If you have the AED Kernel:

Once the installation is complete, if you want to use the secure AED kernel you will need to reboot your system to boot into the new hardened kernel that comes with AED. You do not have to use this kernel to enjoy the other features of AED, but we recommend you use the hardened kernel as it includes many additional security features that are not found in non-AED kernels.

Note

The secure AED kernel is not required to run AED, but it will make your system more secure and protect your system from attacks that your regular kernel cannot.

VPS Based Systems

  • If you are using a VPS-based virtualization technology, like OpenVZ or Virtuozzo, you cannot install any kernel in a VPS. VPSes do not have a kernel; they share the host system's kernel. Therefore, you will not be able to install the AED Secured Kernel, and do not need to reboot.

Cloud Linux

  • CloudLinux requires that you use their default kernel with their product. Therefore, you should not use the secure AED kernel with Cloud Linux. Please see this article to ensure you have your system configured to use the appropriate Cloud Linux kernel with their product.

    Note

    When using the Cloud Linux kernel, AED will report security vulnerabilities in the Cloud Linux kernel. These security vulnerabilities are real. The Cloud Linux kernel does not include the necessary security enhancements to protect you from these vulnerabilities. Please direct any questions regarding Cloud Linux vulnerabilities to Cloud Linux support.

Control Panel Installation:

Installing AED via Plesk Extension

Step 1: Read the Notes

  • Confirm that your system meets the AED requirements, which are documented on the AED Prerequisites page.

Note

AED will harden your system, so when building a new system or installing other software, we recommend installing AED last so that it can harden your system with all software installed.

Step 2: Install AED from Plesk

  • To install Atomic Secured Linux using the Plesk Extension:

    Step 1: In the Extensions Catalog, select the ‘Security’ category and click on ‘Atomic Secured Linux’

    Step 2: Click the ‘Install’ button to install the extension

    Step 3: After the extension is installed, click the ‘Go To Extension’ link

    Step 4: Click the ‘Install’ button to install Atomic Endpoint Defender

Before you Reboot Your System

  • Check to make sure you can log in:

    • Check to make sure you haven’t locked yourself out of your system. If you told AED to lock down SSH, make sure you can log into your system. Don’t close out your current session; log in with a new session. This way you can confirm that you haven’t installed bad SSH keys, or otherwise configured your server so you can’t log in.
    • If you are rebooting into the secure AED kernel, make sure you have an alternative means to log into your system should your system encounter an issue rebooting. For example, use a separate means of access such as serial port access or a KVM system, and not SSH or other direct network-based remote access. If a Linux system fails to reboot, network-based protocols like SSH will not work.

Post-Installation Quickstart/Configuration

Log into the GUI

  • The AED Web GUI can be found at the following:

    https://YOUR_SERVERS_IP:30000
    

    You can view alerts, block attackers, configure AED and use its many features from the GUI.

    The username and password are the same credentials you created when you purchased your license. You can change the AED control panel credentials by following the process here, and you can add additional users by following this process.

Log into the Support Portal

  • Finally, we highly recommend you click on the ‘Support’ tab in the AED GUI, or go here to log into your support portal account.

  • The support system uses the same username and password used to install AED (your AED username and password). Please make sure you can log into the support portal to make use of the support portal's features such as case management, bug tracking and the knowledge base.


Utilizing the Command Line to control AED

If you are a command line person, you can also run or re-run many of AED’s features from the command line. Below is a list of those commands.

  • Configure/Re-Configure AED:

    asl -c
    
  • Scan the system for vulnerabilities, malware, and other security issues:

    asl -s
    
  • Scan the system for vulnerabilities, malware, and other security issues and have AED fix the system:

    asl -s -f
    
  • For a list of command line options in AED:

    asl -h
    

Important Notes

Kernel

  • See the Kernel page for additional information regarding the AED Kernel.