-------------------------------------------

DEMARC Network Security Monitor v. 1.05-RC2 

       ::Upgrade Document::

Website: http://demarc.org/
Updated: August 27, 2001  
Contributors:
 Demarc Team  (info@demarc.org)

-------------------------------------------


[Step 1: Unpack DEMARC]
-----------------------------------------
Home: http://demarc.org/
Source: http://demarc.org/downloads/demarc-105/demarc-1.05RC2.tar.gz

 In your shell:
 ------------------
 tar fxvz demarc-1.05-RC2.tar.gz

##########################
# Upgrading from DEMARC 1.04.XX:

 mv demarc-1.05-RC2 /usr/local/demarc

##########################
# Upgrading from DEMARC 1.05-RC2:

You can keep the same conf files that you modified for 1.05-RC2,
but you will need to copy over the newest versions of the following files:

 cp demarc-1.05-RC2/bin/demarcd /usr/local/demarc/bin/
 cp demarc-1.05-RC2/cgi/demarc /usr/local/demarc/cgi/
 cp demarc-1.05-RC2/cgi/stub_traffic_file /usr/local/demarc/cgi/
 cp demarc-1.05-RC2/cgi/templates/* /usr/local/demarc/cgi/templates/
 cp demarc-1.05-RC2/images/* /usr/local/demarc/images/

Make sure that the first line of the "demarc" and "demarcd" files
you just copied have the correct path to the perl interpreter on
your system. This usually does NOT need to be changed from the
default "#!/usr/bin/perl" though.

You will also need a new "tmp" directory under "/usr/local/demarc"
and it will need to be readable/writable by the owner of webserver.
Assuming the user is "nobody", you can do this as follows:
 
 mkdir /usr/local/demarc/tmp
 chown nobody /usr/local/demarc/tmp
 chmod 700 /usr/local/demarc/tmp

*If you don't know who the webserver runs as, you can get by by doing the
following, but it IS insecure and we recomend against it!:

 mkdir /usr/local/demarc/tmp
 chmod 777 /usr/local/demarc/tmp
  

-----------------------------------------
 

[Step 2: Patching the MySQL Database Schema]
-----------------------------------------

 Upgrading from DEMARC 1.04.XX
 -----------------------
 From /usr/local/demarc/install run "./patch_db.pl"

 It will prompt you for DB host, username, password, and db name, etc.  
 Please make sure the DB user specified  has enough privileges to alter
 the database schema (the default snort user does not).

 Select "1" when asked:
 >Which previous version of DEMARC are you upgrading FROM? 
 >   
 >1) 1.04.XX
 >2) 1.05-RC1

 It will then run the queries against your current DB schema.
 
 
 Upgrading from DEMARC 1.05-RC1
 -----------------------
 From /usr/local/demarc/install run "./patch_db.pl"

 It will prompt you for DB host, username, password, and db name, etc.  
 Please make sure the DB user specified  has enough privileges to alter
 the database schema (the default snort user does not).

 Select "2" when asked:
 >Which previous version of DEMARC are you upgrading FROM? 
 >   
 >1) 1.04.XX
 >2) 1.05-RC1

 It will then run the queries against your current DB schema.
 


[Step 3: Apache Preparation]
-------------------------------------------

 #########################
 NOTE:
 There are slight differences from the 1.04-XX releases, so this section 
 exists here in the UPGRADE document, however if you are upgrading from 
 1.05-RC1 you can skip this step.
 #########################

 Apache is the only supported webserver at this time, however that does not
 mean it won't work on other web servers. In fact, there's no real reason for
 it not to run on any server that runs perl scripts, however we've only
 tested it on Apache. If you test it on another webserver, please send us an
 email with the details.

 DEMARC will run much faster when using mod_perl, and is optimized for use with 
 mod_perl, however it will run perfectly with regular Perl as well, just a 
 little slower. If you are using Virtual Hosts place the following between your 
 <VirtualHost ...></VirtualHost> tags, otherwise place at the bottom of your 
 httpd.conf file. Replace your_domain with your actual domain name.

  In your httpd.conf:
  -------------------
  Redirect /demarc https://your_domain.com/dm/demarc
  Alias /dm_images "/usr/local/demarc/images"
  <Directory "/usr/local/demarc/cgi">
    AllowOverride all
    DirectoryIndex demarc
  </Directory>
  --------------------
  
  For regular Perl add:
  --------------------  
  ScriptAlias /dm "/usr/local/demarc/cgi"
  ---------------------

  For Mod_Perl add:
  --------------------  
  PerlModule Apache::Registry
  KeepAlive Off
  Alias /dm /usr/local/demarc/cgi
   <Location /dm>
      SetHandler perl-script
      PerlHandler Apache::Registry
      Options ExecCGI
      allow from all
      PerlSendHeader On
      DirectoryIndex demarc
   </Location>
  --------------------  

 Finally you will need to restart Apache.
 
 In your shell:
 --------------------  
 /usr/local/apache/bin/apachectl stop
 /usr/local/apache/bin/apachectl startssl
 ---------------------
 
 Demarc can therefore be accessed in either setup option via:

 https://yourhost.com/demarc 
  
-------------------------------------------


[Step 4: Upgrading Demarc Console]
-------------------------------------------

 Make sure the demarc script in the new directory is executable 
 by the user the webserver runs as...  
 If in doubt, just issue: 

 chmod 755 /usr/local/demarc/cgi/demarc
 chmod -R 644 /usr/local/demarc/cgi/templates
 chmod  755 /usr/local/demarc/cgi/templates
 

-------------------------------------------


[Step 5: Upgrading Demarc Client]
-------------------------------------------

 #Upgrading from 1.05-RC1:

 Simply make sure the demarcd file is executable only by root and then run the
 demarcd client as before.

ie:
  In your shell:
  ---------------
   chown root /usr/local/demarc/bin/demarcd
   chmod 700 /usr/local/demarc/bin/demarcd
 
   demarcd [-i <interface_name>]
  ---------------

 You can type "demarcd -g" (new switch) to make sure that it is running. If all went well
 it will show you the "DEMARC Client" process and the snort process running.

 If you should need to stop the client simply type "demarcd [-i <interface_name>] -k" in your shell.

 #Upgrading from 1.04-XX

 Please read the "Installing Demarc Client" section in the INSTALL document.

-------------------------------------------


[Final Notes]
-------------------------------------------

 First place to check for errors with the client is by typing "demarcd -D" to put it 
 into debug mode.  This will stay in the foreground and all debugging info
 will be piped to STDOUT.
 
 If you're getting an "internal server error", check the httpd error log first. If 
 you still can't figure it out, submit the question to the General Users mailing list 
 at http://lists.demarc.org/ and include any applicable errors from the error log.


 This doc should have got you up and running. More refined documentation, as well 
 as feature descriptions/instructions are on the way and will be accessible via the 
 website: http://www.demarc.org/

 Your comments and suggestions help, please send them to suggest@demarc.org

-------------------------------------------
 
