Netshot installation on a Debian-based machine

16 Nov, 2014 | By Netshooter

Netshot is out, you can freely download it and install on your own servers.

Netshot is a Java standalone application, so it can be deployed roughly on any OS. It will run as a daemon. It embeds an HTTPS server (so you can work with it!) and do all the stuff.

Here is a guide for an installation on a Debian-based Linux (Debian, Ubuntu, Mint, etc.).

What do you need before starting? A machine (can be virtual) running on of these operating systems in a fairly recent version.

Note: If you don't have Netshot and copy the package onto your server.

  • Unzip the package.

    $ unzip netshot_x.y.z.zip

  • Install a database server and create the database for Netshot.

    $ sudo apt-get install mysql-server $ mysql -u root > CREATE DATABASE netshot01 CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci; > GRANT ALL PRIVILEGES ON netshot01.* TO 'netshot' IDENTIFIED BY 'netshot'; > quit

  • Install Java 8. The simplest solution is probably to use the PPA from webupd8team. If add-apt-repository is available on your system:

    $ sudo add-apt-repository ppa:webupd8team/java $ sudo apt-get update $ sudo apt-get install oracle-java8-installer

    Otherwise, manually add the source list and import the key. Follow the instructions on this page: http://www.webupd8.org/2014/03/how-to-install-oracle-java-8-in-debian.html.
    Check the running Java version, it should be 1.8.x:

    $ java -version 2>&1 | grep version

  • Add a dedicated system user.

    $ sudo adduser --system --home /usr/local/netshot --disabled-password --disabled-login netshot

  • Create a SSL certificate for the embedded HTTPS server. Of course, if you own a certificate authority, you can use it to sign your certificate. The example below just generates a self-signed certificate (which means you'll get a security alert in your browser when opening Netshot).

    $ sudo keytool -genkey -keyalg RSA -alias selfsigned -keystore netshot.jks -storepass password -validity 3600 -keysize 2048

    Simply press Enter when prompted for a password. And move the certificate to the right place.

    $ sudo mv netshot.jks /usr/local/netshot

  • Prepare files.

    $ sudo cp netshot.jar /usr/local/netshot $ sudo mkdir /usr/local/netshot/drivers $ sudo chown -R netshot /usr/local/netshot $ sudo cp initd-netshot /etc/init.d/netshot $ sudo chown root:root /etc/init.d/netshot $ sudo chmod +x /etc/init.d/netshot $ sudo mkdir /var/log/netshot $ sudo chown -R netshot /var/log/netshot $ sudo cp netshot.conf /etc/netshot.conf $ sudo chown root:root /etc/netshot.conf

  • Start Netshot.

    $ sudo service netshot start

  • Manually create the initial Netshot user.

    $ mysql -u root > USE netshot01; > INSERT INTO user (level, local, username, hashed_password) VALUES (1000, 1, 'netshot', '7htrot2BNjUV/g57h/HJ/C1N0Fqrj+QQ');

    Netshot should be now available on https://[your server IP]:8443. Connect with username = netshot, password = netshot and you can start enjoying Netshot.

  • (Optional) Port translation. If you want Netshot to detect changes from Syslog and/or SNMP messages sent by the devices, you can translate the UDP ports using iptables:

    $ sudo cp ifup-netshot /etc/network/if-up.d/netshot $ sudo chown root:root /etc/network/if-up.d/netshot $ sudo chmod +x /etc/network/if-up.d/netshot

  • (Optional) Start Netshot at boot time.

    $ sudo update-rc.d netshot defaults

    • Tags : netshothowtoinstallrelease