Configuring 3rd Party Modules for SecureX Integrations
This steps explains some easy steps to configure, upload and integrate 3rd Party enrichment modules. There are just some simple steps to do. The following steps are similar to all of the modules available on Github.
Before we start, let us clone a Template GitHub Repository, because it also includes a Python Script we need later to configure the JWT token.
Step: JWT Source: Clone the JWT Token Git Repository to download the Python Script for the token generation we need later: git clone https://github.com/CiscoSecurity/tr-05-jwt-generator.git. Note: This step needs to be done once. When adding additional Modules, you just have to copy the Python file, as listed in the following steps, into the appropriate Module directory.
We already downloaded the necessary source. This section describes how to generate all Tokens we need for the SecureX Integration authentication bearer and the AWS SECRET_KEY value.
Note: There are Modules available which to not need any Authentication Bearer, e.g. like the Shodan Module. So you can skip the JWT Token generation. Always take a look for specific Module Settings on GitHub.
Step: JWT Token: Generate anAPI keyfrom the3rd Party Vendor. Many of them a providing community or free APIs which can be used to test the Integration. Follow the steps and guides as outlined there.
Step: JWT Token: Now let´s generate a JWT Token (JSON Web Token), which is needed to authenticate. If you want to know more about this authentication mechanism, take a look at theDocumentation. The JWT Token can easily generated with a Python Script (we once again using the Example for AbuseIPDB).
Switch into the directory:cd /usr/local/SecureX/tr-05-serverless-abuseipdb/
copy the Python file jwt_generator.py: cp /usr/local/SecureX/tr-05-jwt-generator/jwt_generator.py ./
Note: Change the path of the command based on the Module you are adding to your environment.
Step: JWT Token: Generate the JWT Token by just executing the python script copied in the previous step:python3 jwt_generator.py dev.
Copy the 3rd Party API Key into the Terminal Window.
Take a look at the output.
(securex) sh-3.2# pwd
(securex) sh-3.2# python3 jwt_generator.py dev
Enter: Abuse IPDB API Key: FhFUAjPqS1mRFXUnb09eCXeiq7uSr0azbl2PF0fDcxxxxxxxxxx
Copy the output, you will need the generated tokens later.
Upload Serverless App to AWS
Now let us upload the Application to AWS:
Step: Upload/Deploy Package: Before uploading the WebApp to AWS, we have to ensure, that the s3_Package which is generated during upload, is unique. To do so, we have to modify the zappa_settings.json file. The easies way is to add your AWS AccountID to the s3_bucket definition in the zappa_settings.json file.
As rules below: 10 access-list 102 permit tcp any host 192.168.1.100 eq ftp
20 access-list 102 permit tcp any host 192.168.1.100 gt 1023 What is History, benefit, using gt and lt (line 20)?Is there meaning in ports sequence number?Regards.&...
Hi guys I have 2 ASA firewalls active/standby version 9.8(2) by ASDM I change the security level of the interface from 100 to 0then I found this message in below photo I didn`t read the message I want to finish this task quickly so I ...