Atomic Protector Installation Guide

Introduction

Atomic Protector is designed to integrate with your existing operating system. Customized environments that deviate from OS vendor designed standards, and packaging should consult with our services group for a custom solution.

Before You Start

Please note: If you purchased a Rules Only subscription, please go to, and follow the instructions here: https://www.atomicorp.com/wiki/index.php/Atomic_ModSecurity_Rules#Optional_Manual_Installation .

If you purchased Atomic Protector, then continue reading this document.

Prerequisites

Please ensure that your system meets all prerequisites before installing Atomic Protector. The AP prerequisites page includeds important information outlining the systems requirements for AP to install and function correctly, as well as recommendations for it to perform optimally.

Installation and Downloads

Command Line Installation:

Step 1: Read the Notes

  • Confirm that your system meets the Atomic Protector requirements, which are documented on the Atomic Protector Prerequisites page.

Note

Atomic Protector will harden your system, so when building a new system or installing other software, we recommend installing Atomic Protector last so that if can harden your system with all software installed.

Step 2: Run the Automated Atomic Protector Installer:

  • Become root on your system. To become root run this command:

su -

then enter your root password.

  • Cut and paste the command below, and run this command as root.

    wget -q -O - https://updates.atomicorp.com/installers/awp_standalone.sh  |bash

    Follow the instructions in the installer, being sure to answer the configuration questions appropriately for your system.

    Note

    You must have a version of WGET that supports HTTPS to install Atomic Protector, as described on the prerequisites page.

    If you do not get any output from the installation command it is likely wget was replaced with a version that does not support HTTPS. Please see this article to test if your WGET supports SSL.

    See the unattended installs article for advanced instructions for unattended installations.

Before you Reboot Your System

  • Check to make sure you can log in:

    • Check to make sure you haven’t locked yourself out of your system. If you told Atomic Protector to lock down SSH, make sure you can log into your system. Don’t close out your current session, log in with a new session. This way you can confirm that you haven’t installed bad ssh keys, or otherwise configured your server so you can’t log in.

    • If you are rebooting into the secure Atomic Protector kernel, make sure you have an alternative means to log into your system should your system encounter an issue rebooting. For example, a diverse means such as serial port access, or a KVM system, and not SSH or other direct network based remote access. If a Linux system fails to reboot, network based protocols like SSH will not work.

Post-Installation Quickstart/Configuration

Log into the GUI

  • The Atomic Protector Web Console can be found at the following:

    https://YOUR_SERVERS_IP:30001

    You can view alerts, block attackers, configure Atomic Protector and use its many features from the GUI.

    The username and password are the same credentials you created when you purchased your license. You can change the Atomic Protector control panel credentials by following the process here, and you can add additional users by following this process.

Log into the Support Portal

  • Finally, we highly recommend you click on the ‘Support’ tab in the Atomic Protector GUI, or go here to log into your support portal account.

  • The support system uses the same username and password used to install Atomic Protector (your Atomic Protector username and password). Please make sure you can log into the support portal to make use of the support portals features such as case management, bug tracking and the knowledge base.

Utilizing the Command Line to control Atomic Protector

If you are a command line person, you can also run or re-run many of Atomic Protector’s features from the command line. Below are a list of those commands.

  • Configure/Re-Configure Atomic Protector:

    awp -c

  • Scan the system for vulnerabilities, malware, and other security issues:

    awp -s

  • Scan th system for vulnerabilities, malware, and other security issues and have Atomic Protector fix the system:

    awp -s -f

  • For a list of command line options in Atomic Protector:

    awp -h