ZotDefend Linux Instructions

ZotDefend Linux Installation (School of Physical Sciences ONLY)

Trellix Installation Instructions

The .tgz package (Linux) includes the following files:
HX Client Software (tgz bundle)

Agent .rpm files.
Agent .deb files.
Agent .run file ( xagtSetup_xx.x.x.run ).

Agent configuration file ( agent_config.json ). It is critical that you import the configuration file following install to insure that the agent
properly communicates with the server.

Example: Installing on Ubuntu OS using .deb file

Open a Terminal session on the Linux endpoint that has the agent installation .tgz package.
username@localhost:~/Desktop/FireEyeInstallDirectory$
Use the ls command to verify that the IMAGE_HX_AGENT_LINUX_33.46.0.tgz file has been exists in the install directory.
Use the tar zxf command to unzip and extract the files from the Linux agent
Use the dpkg , medium-level package manager for Debian and the -i option to run the .deb script and install the agent software on your Linux
endpoint. You must have sudo access.
username@localhost:~/Desktop/FireEye$ sudo dpkg -i xagt- .ubuntu12_amd64.deb33.46.0
After the .deb installation script is complete, use the i option to import the agent configuration file from the /opt/fireeye/bin/xagt binary path:
username@localhost:~/Desktop/FireEyeInstallDirectory$ sudo /opt/fireeye/bin/xagt -i agent_config.json
Start the agent services on your Linux endpoint using the following command:
username@localhost:~/Desktop/ FireEyeInstallDirectory$ sudo systemctl enable --now xagt

Nessus Tenable Agents

Nessus Tenable Agent Installation Instructions

Make sure outbound traffic from port 443 to https://nessus.oit.uci.edu is allowed through your firewall.
Install the Tenable agent with your package manager from the link above.
Contact pscsg@uci.edu to get the tenable key.
Run nessuscli agent link --host=nessus.oit.uci.edu --port=443 --key=KEY_PROVIDED_BY_PSCSG

Duo Desktop Downloads:

Linux .deb Package (Debian Based eg Ubuntu) https://desktop.pkg.duosecurity.com/duo-desktop-latest.amd64.deb
Linux .rpm Package (RHEL based) https://desktop.pkg.duosecurity.com/duo-desktop-latest.x86_64.rpm

Duo Desktop Agent Installation Instructions

Download the appropriate package for your distribution from the above link.
Install the package.
Enable the service. Eg on systemd distributions, run
```
sudo systemctl enable --now duo-desktop
```
Check to make sure the duo-desktop service is running. Eg. on systemd distributions, run
```
sudo systemctl status duo-desktop
```
If you get SELinux erros relating to .NET services, it's most likely Duo Desktop. Create an exception via:
```
ausearch -c '.NET TP Worker' --raw | audit2allow -M my-NETTPWorker
semodule -X 300 -i my-NETTPWorker.pp
```