Install ESMC 7.x Ubuntu 18.04

ESET Protect

#Install ESMC Ubuntu 18.04 (sesuaikan instalasi berikut berdasarkan bit OS nya)

# Ambil mysql apt config terbaru di http://dev.mysql.com/downloads/repo/apt/
wget https://dev.mysql.com/get/mysql-apt-config_0.8.12-1_all.deb

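# Install mysql apt config
# Paket ini menambahkan repository dan kunci APT ke sistem, jadi cocokkan dulu checksum/tanda tangan GPG file .deb dengan yang tertera di halaman unduhan MySQL sebelum dipasang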
sudo dpkg -i mysql-apt-config_0.8.12-1_all.deb
# Pilih mysql 5.7 pada saat instalasi file mysql apt config

# Update OS
sudo apt update && sudo apt upgrade

# Install Dependencies
sudo apt install -y wget lshw default-jdk tomcat8 mysql-server unixodbc libodbc1 xvfb cifs-utils libqtwebkit4 krb5-user winbind ldap-utils snmp ldap-utils libsasl2-modules-gssapi-mit selinux-policy-dev samba apache2 apache2-utils

# Aktifkan module Apache berikut
sudo a2enmod access_compat auth_basic authn_core authn_file authz_core authz_groupfile authz_host proxy proxy_http proxy_connect cache cache_disk ssl headers alias
sudo apt update && sudo apt upgrade

# Edit Konfigurasi Port Apache
sudo vim /etc/apache2/ports.conf

# Edit pada bagian listen
Listen 3128

# Edit Konfigurasi Apache untuk Cache :
sudo vim /etc/apache2/mods-available/cache_disk.conf

# Beri tanda pagar untuk konfigurasi sebelumnya dan masukkan konfigurasi Berikut sebelum bagian </IfModule>

##########################################################
################# Konfigurasi Cache ESET #################
# Enable HTTP Cache
CacheEnable disk http://
CacheDirLevels 4
CacheDirLength 2
CacheDefaultExpire 3600
CacheMaxFileSize 200000000
CacheMaxExpire 604800
CacheQuickHandler Off
CacheRoot /var/cache/apache2/mod_cache_disk
################### End Of Configuration ##################
###########################################################

# Cek Folder /var/cache/apache2/mod_cache_disk apakah ada atau tidak, jika ada skip langkah berikut
ll /var/cache/apache2

# Jika tidak ada folder mod_cache_disk, silakan jalankan langkah berikut
sudo mkdir /var/cache/apache2/mod_cache_disk
sudo chown www-data /var/cache/apache2/mod_cache_disk
sudo chgrp www-data /var/cache/apache2/mod_cache_disk

# Edit Konfigurasi Apache Proxy
sudo vim /etc/apache2/mods-available/proxy.conf
# Masukkan konfigurasi berikut sebelum bagian </IfModule>


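################# Konfigurasi Cache ESET #################
# Catatan: "ProxyRequests On" menjadikan server ini forward proxy. Akses hanya dibatasi oleh
# blok <Proxy *> dan <ProxyMatch> di bawah, jadi batasi juga port 3128 di firewall ke jaringan internal.
# Opsional, hanya jika keluar lewat proxy induk. Kredensial pada baris ini tersimpan sebagai teks biasa,
# jadi batasi hak baca file proxy.conf:
#ProxyRemote * http://user_proxy:password_proxy@IPSERVERPROXY:3128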

ProxyRequests On
ProxyVia On

CacheLock on
CacheLockMaxAge 10
ProxyTimeOut 900

SetEnv proxy-initial-not-pooled 1

ErrorLog "|/usr/bin/rotatelogs -n 10 /var/log/apache2/error_log 1M"

<VirtualHost *:3128>
ProxyRequests On
</VirtualHost>

<VirtualHost *:3128>
ServerName r.edtd.eset.com

<If "%{REQUEST_METHOD} == 'CONNECT'">
Require all denied
</If>

ProxyRequests Off
CacheEnable disk /
SSLProxyEngine On

RequestHeader set Front-End-Https "On"
ProxyPass / https://r.edtd.eset.com/ timeout=300 keepalive=On ttl=100 max=10 smax=10
ProxyPassReverse / http://r.edtd.eset.com/ keepalive=On
</VirtualHost>

<Proxy *>
Deny from all
</Proxy>
#*.eset.com:
<ProxyMatch ^([h,H][t,T][t,T][p,P][s,S]?://)?([^@/]*@)?([a-zA-Z0-9-]{0,63}\.)?[a-zA-Z0-9-]{0,63}\.[e,E][s,S][e,E][t,T]\.[c,C][o,O][m,M](:[0-9]+)?(/.*)?$>
Allow from all
</ProxyMatch>
#*.eset.eu:
<ProxyMatch ^([h,H][t,T][t,T][p,P][s,S]?://)?([^@/]*@)?([a-zA-Z0-9-]{0,63}\.)?[a-zA-Z0-9-]{0,63}\.[e,E][s,S][e,E][t,T]\.[e,E][u,U](:[0-9]+)?(/.*)?$>
Allow from all
</ProxyMatch>
#*.eset.systems:
<ProxyMatch ^([h,H][t,T][t,T][p,P][s,S]?://)?([^@/]*@)?([a-zA-Z0-9-]{0,63}\.)?[a-zA-Z0-9-]{0,63}\.[e,E][s,S][e,E][t,T]\.[s,S][y,Y][s,S][t,T][e,E][m,M][s,S](:[0-9]+)?(/.*)?$>
Allow from all
</ProxyMatch>
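#Antispam module (ESET Mail Security only):
# Catatan: titik pada nama host/IP di pola ini dan beberapa pola berikutnya (Services, IP ESET,
# windowsupdate, msftncsi) tidak di-escape, sehingga cocok dengan karakter apa pun dan daftar izin
# menjadi lebih longgar dari yang dimaksud. Tulis sebagai \. bila ingin membatasi persis ke host tersebut.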
<ProxyMatch ^([h,H][t,T][t,T][p,P][s,S]?://)?([^@/]*@)?(ds1-uk-rules-1.mailshell.net|ds1-uk-rules-2.mailshell.net|ds1-uk-rules-3.mailshell.net|fh-uk11.mailshell.net)(:[0-9]+)?(/.*)?$>
Allow from all
</ProxyMatch>
#Services (activation)
<ProxyMatch ^([h,H][t,T][t,T][p,P][s,S]?://)?([^@/]*@)?(edf-pcs.cloudapp.net|edf-pcs2.cloudapp.net|edfpcs.trafficmanager.net)(:[0-9]+)?(/.*)?$>
Allow from all
</ProxyMatch>
#ESET servers accessed directly via IP address:
<ProxyMatch ^([h,H][t,T][t,T][p,P][s,S]?://)?([^@/]*@)?(91.228.165.|91.228.166.|91.228.167.|38.90.226.)([0-9]+)(:[0-9]+)?(/.*)?$>
Allow from all
</ProxyMatch>

#Microsoft trusted roots distribution
<ProxyMatch (?i)^http:\/\/www.download.windowsupdate.com\/msdownload\/update\/v3\/static\/trustedr\/.*\/.*?$>
Allow from all
</ProxyMatch>
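#Microsoft pki (crt and crl)
# Catatan: ".*" setelah http:// juga cocok dengan "/", jadi pola ini (dan pola symcd di bawah) tidak
# membatasi bagian nama host saja. Gunakan [^/]* untuk bagian host bila ingin membatasi ke domain tersebut.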
<ProxyMatch (?i)^http:\/\/.*\.microsoft\.com\/pki\/.*$>
Allow from all
</ProxyMatch>
# MS Network Connectivity Status Indicator https://technet.microsoft.com/en-us/library/cc766017(v=ws.10).aspx
<ProxyMatch (?i)^http://www.msftncsi.com/ncsi.txt$>
Allow from all
</ProxyMatch>
#Symantec/thawte ocsp/crl
<ProxyMatch (?i)^http:\/\/.*\.symcd\.com\/.*$>
Allow from all
</ProxyMatch>
#Symantec ocsp
<ProxyMatch (?i)^http:\/\/ocsp\.verisign\.com\/.*?$>
Allow from all
</ProxyMatch>

#Allow connection to my ESMC Server machine jika hostname dan IP
#<ProxyMatch ^(hostname\.example(:[0-9]+)?(\/.*)?|10\.1\.1\.123(:[0-9]+)?(\/.*)?)$>
#Allow from all
#</ProxyMatch>

#Allow connection to my ESMC Server machine jika FQDN atau hostname
#<ProxyMatch ^(console\.awanpintar(:[0-9]+)?(\/.*)?)$>
#Allow from all
#</ProxyMatch>

#Allow connection to my ESMC Server machine jika IP, dalam contoh adalah IP ESMC adalah 10.1.1.123
#<ProxyMatch ^(10\.1\.1\.123(:[0-9]+)?(\/.*)?)$>
#Allow from all
#</ProxyMatch>

AllowCONNECT 443 563 2222

################### End Of Configuration ####################

# Edit Konfigurasi htcacheclean Apache
sudo vim /etc/default/apache-htcacheclean

# Edit size dan interval htcacheclean
HTCACHECLEAN_SIZE=5000M
HTCACHECLEAN_DAEMON_INTERVAL=60
HTCACHECLEAN_PATH=/var/cache/apache2/mod_cache_disk
HTCACHECLEAN_OPTIONS="-t -i"

## Restart apache service:
sudo service apache2 restart && sudo systemctl enable apache-htcacheclean && sudo systemctl restart apache-htcacheclean

# Test proxy
wget www.google.com -e use_proxy=yes -e http_proxy=MyDearERAServer:3128

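# Jika hasilnya 403 Forbidden seperti di bawah, itu wajar: www.google.com tidak termasuk daftar
# ProxyMatch yang diizinkan sehingga ditolak oleh "<Proxy *> Deny from all". Artinya proxy sudah
# merespons dan pembatasan tujuan berjalan.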

— http://www.google.com/

=> ‘index.html’

Connecting to YourDearERAServer:3128… connected.

Proxy request sent, awaiting response… 403 Forbidden

15:05:34 ERROR 403: Forbidden.


# Check yang telah di cache Apache Proxy
sudo htcacheclean -a -p /var/cache/apache2/mod_cache_disk

# Download ODBC mysql Ubuntu 5.3.10 (saat ini hanya bisa 5.3.10 atau dibawahnya, disarankan 5.3.10)
wget https://dev.mysql.com/get/Downloads/Connector-ODBC/5.3/mysql-connector-odbc-5.3.10-linux-ubuntu18.04-x86-64bit.tar.gz

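# Ekstrak ODBC (cocokkan dulu checksum/tanda tangan arsip dengan halaman unduhan MySQL, karena library di dalamnya akan disalin ke direktori sistem)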
tar xvzf mysql-connector-odbc-5.3.10-linux-ubuntu18.04-x86-64bit.tar.gz

# Kopi Driver ke folder ODBC
sudo cp mysql-connector-odbc-5.3.10-linux-ubuntu18.04-x86-64bit/lib/libmyodbc5* /usr/lib/x86_64-linux-gnu/odbc/

# Jika tidak bisa maka download untuk ubuntu 16.04
# Download ODBC mysql Ubuntu 5.3.10 (saat ini hanya bisa 5.3.10 atau dibawahnya, disarankan 5.3.10)
wget https://dev.mysql.com/get/Downloads/Connector-ODBC/5.3/mysql-connector-odbc-5.3.10-linux-ubuntu16.04-x86-64bit.tar.gz

# Ekstrak ODBC
tar xvzf mysql-connector-odbc-5.3.10-linux-ubuntu16.04-x86-64bit.tar.gz

# Kopi Driver ke folder ODBC
sudo cp mysql-connector-odbc-5.3.10-linux-ubuntu16.04-x86-64bit/lib/libmyodbc5* /usr/lib/x86_64-linux-gnu/odbc/

# Edit Mysql
sudo vim /etc/mysql/mysql.conf.d/mysqld.cnf

# Edit dan tambahkan pada bagian [mysqld] dengan konfigurasi berikut

# ESET Requirement
max_allowed_packet = 500M
innodb_log_file_size = 100M
innodb_log_files_in_group = 4
innodb_lock_wait_timeout=600

# Restart Mysql
sudo service mysql restart

# Edit ODBC
sudo vim /etc/odbcinst.ini

# Kopi konfigurasi berikut
##Untuk 64bit

[MySQL]
Description = ODBC for MySQL
Driver = /usr/lib/x86_64-linux-gnu/odbc/libmyodbc5w.so
Setup = /usr/lib/x86_64-linux-gnu/odbc/libodbcmyS.so
FileUsage = 1

##Untuk 32bit

[MySQL]
Description = ODBC for MySQL
Driver = /usr/lib/i386-linux-gnu/odbc/libmyodbc5w.so
Setup = /usr/lib/i386-linux-gnu/odbc/libodbcmyS.so
FileUsage = 1

#Download Package ESMC pada link berikut :
https://www.eset.com/int/business/security-management-center/download/#standalone

# Kopi file ESMC Console
sudo cp era.war /var/lib/tomcat8/webapps/

# Restart Service Tomcat
sudo service tomcat8 restart

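# Tes ESMC Console
# Port 8080 adalah HTTP tanpa enkripsi, sehingga password login terkirim sebagai teks biasa.
# Pakai hanya untuk tes awal dan aktifkan HTTPS di Tomcat sebelum konsol diakses dari jaringan.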
http://IP_ADDRES_ATAU_HOSTNAME:8080/era

# Ubah permission installer agar bisa di install
sudo chmod +x Server-Linux-x86_64.sh
sudo chmod +x Agent-Linux-x86_64.sh
sudo chmod +x MDMCore-Linux-x86_64.sh
sudo chmod +x RDSensor-Linux-x86_64.sh

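# Install ESMC Server
# Catatan keamanan:
# - mysqlpassword dan passwordwebconsole hanya contoh; ganti dengan password yang kuat dan berbeda satu sama lain.
# - Password yang ditulis sebagai argumen tersimpan di riwayat shell dan terlihat di daftar proses selama installer berjalan.
# - --db-user-username=root membuat server ESMC memakai akun root MySQL untuk koneksi sehari-hari; sebaiknya gunakan akun database khusus.
# - --cert-hostname="*" membuat sertifikat server tidak terikat ke hostname tertentu; isi dengan hostname/IP server bila memungkinkan.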
sudo ./Server-Linux-x86_64.sh --skip-license --db-driver=MySQL --db-hostname=127.0.0.1 --db-port=3306 --db-admin-username=root --db-admin-password=mysqlpassword --server-root-password=passwordwebconsole --db-user-username=root --db-user-password=mysqlpassword --cert-hostname="*" --enable-imp-program

# Backup Certificate
https://help.eset.com/esmc_admin/70/en-US/export_a_public_key.html
https://help.eset.com/esmc_admin/70/en-US/export_a_public_key.html?export_certificate.html

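# Install Agent
# --cert-auto-confirm menerima sertifikat server tanpa konfirmasi manual; wajar untuk localhost seperti di sini,
# tetapi untuk server lain periksa dulu sertifikatnya. passwordwebconsole adalah contoh dan harus sama dengan
# nilai --server-root-password saat instalasi server.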
sudo ./Agent-Linux-x86_64.sh --skip-license --hostname=localhost --port=2222 --webconsole-hostname=localhost --webconsole-port=2223 --webconsole-user=administrator --webconsole-password=passwordwebconsole --cert-auto-confirm --enable-imp-program

# Install RDSensor
sudo ./RDSensor-Linux-x86_64.sh --skip-license

Info lebih lengkap https://help.eset.com/esmc_install/70/en-US/