Building Proxmox via OVH

Jackbox

Jackbox

Active Member
Jan 2, 2016
197
96
74
This is a thorough guide to be a baller af server master.

1. Connect into your Proxmox host via SSH:
Code: 
ip addr | grep "inet " | grep -v " 127" | cut -d " " -f6 | cut -d "/" -f1

This is your host's public IP address, so let's say your IP is:
158.1.1.157
Then your server's gateway would be 158.1.1.254

This should make sense, same as your main host IP, just last digits are 254.

You can also verify this gateway using the route command:
Code: 
route

So we should make note of this info: host IP, host gateway.

You may also notice the Iface shown via route is "vmbr0"

Nice! So we know some simple stuff, eek?
Let's nano into our interfaces file:
Code: 
nano /etc/network/interfaces

Mine currently looks like this:
Code: 
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

iface eno1 inet manual

auto vmbr0
iface vmbr0 inet dhcp
  bridge-ports eno1
  bridge-stp off
  bridge-fd 0

This is kind of ridiculous because not much is going to happen with this setup...

Something along the lines of this (at bottom) is what you eventually could get to with enough networking know-how.

Anyway, now what we will do is get the AlienVault iso installed just for giggles.

1586047107120.png

Make sure to upload the AlienVault ISO file (ossim) from: https://cybersecurity.att.com/products/ossim/download

1. Download the above ISO file
2. Upload into your local storage.

If you have issues uploading through the web form, then just use FileZilla or WinSCP on port 22 - place inside of:
/var/lib/vz/template/iso

1586047491061.png

Upon completion of your ISO being uploaded, you will want to go through configuring a VM but first how about we configure an IP address and generate a vMac (Virtual MAC)?

Navigate to your IP addresses inside OVH: https://ca.ovh.com/manager/dedicated/#/configuration/ip?tab=ip

1586047691470.png

Select your specific dedicated server with failover IP addresses already assigned/purchased.

1586047924689.png

Go ahead and select any of your IPv4 addresses "..." and then click "Add a virtual MAC"

1586047974526.png

I am going to use
ovh
and
ossim

You should also use ovh, then what you want to name your VM.

Now we create a VM inside Proxmox:
1586048095786.png

At the bottom, make sure "Advanced" is checked just so you can see all options.

Make sure to select your ISO:
1586048151038.png

I also have the default Linux selected: 5.x - 2.6 kernel.

Next the System config (defaults should be good).

For Hard Disk, just set that to 50GB perhaps, although more is better for storing greater number of SIEM logs. Next!

I have 2 physical CPUs so I am doing this setup, keep in mind this requires SSSE3 and I find this applies or works easiest via "host" option:
1586048370200.png

Next!

1586048605208.png

See the MAC address? That is going to be the vMac we generated earlier!

Now simply find your VM
Virtual Machine > 100 (ossim)
Select that and at the top right, click "Start" once it may take a bit to startup.

Now open the console, proceed through installing.

1586048737715.png

Inside your Console, go ahead and click then tap the Enter key to proceed setting up OSSIM.

Continue through English.

Continue through your country.

Continue through your keyboard.

From here you will see the AlienVault OSSIM install continue onward - you will shortly be prompted for an IP address.

The IP address will NEED to be the IP address matching up with your vMac we generated earlier.

Netmask can be 255.255.255.255

Leave the gateway blank for now.

The name server address can be left blank also.

Set a root pwd, continue, select your timezone, continue

Finally AlienVault will take some time to finish the install, this may take some time.

Have patience, we will resume this a little later.
 
Last edited:
Jackbox

Jackbox

Active Member
Jan 2, 2016
197
96
74
Ready-set-go
1586054701506.png

This thing froze up at "Running cdsetup", nothing like seeing Running cdsetup for 10 minutes and thinking wtf m8. So it finally cleared up and is booting as shown above.

My experience yields just let the thing keep running.

This thing is also taking forever to boot up, so I am not sure if it is just configuring for the first boot or what.

Eventually this gets here:
1586054946505.png

This init is going to take some minutes.

... now it is time to configure some IP magic.

Let's get into our VM network interfaces file to make some changes:
Firstly:
Code: 
nano /etc/network/interfaces
then
Code: 
auto eth0
iface eth0 inet static
    address 5.6.77.8
    netmask 255.255.255.255
    broadcast 5.6.77.8
    post-up route add 123.4.5.254 dev eth0
    post-up route add default gw 123.4.5.254
    post-down route del default gw 123.4.5.254
    post-down route del 123.4.5.254 dev eth0

Anywhere you see 5.6.77.8, place the IP address matching your vMac.
Anywhere you see 123.4.5.254, place the host system gateway.

Lastly, if you want to be able to use DNS to resolve domains:
Code: 
nano /etc/resolv.conf

Then just add this to the bottom:
Code: 
nameserver your_ns_ip
Replace your_ns_ip with the IP address you can find in Proxmox under your node > system > DNS...

If anyone has questions, please let me know but once you reboot - your server will be working! This is how to get servers up and running!!
 
Jackbox

Jackbox

Active Member
Jan 2, 2016
197
96
74
Also, if you want to quickly restart your networking:
Code: 
sudo /etc/init.d/networking restart

For quick troubleshooting w/o a full reboot - maybe snap your system before you break network configs, eh!? Isn't that what the feature is even for..
 
Jackbox

Jackbox

Active Member
Jan 2, 2016
197
96
74
So a few errors you may run into:
1. You might see "Failed to authenticate." which is annoying and so let's firstly try to upgrade/update OSSIM.
2. "Resolving data.alienvault.com" might fail which could result in an error like "Invalid signature for upgrade file (AV4)" - this means your NS resolutions are failing, for a quick fix just "
nano /etc/resolv.conf
" then add:
nameserver 8.8.8.8

This will begin using Google's DNS as your NS resolver which works well if you are resolving public IP/hostnames.. if you need internal DNS, then you probs know wtf to do - if not then g'luck m8. Figure it out lol

Anyway, jailbreak AlienVault and upgrade/update system so things are latest - because ideally we want to make sure we are on latest stable.

...

Here is some serious funny stuff now tho, you are goin' to need to reboot and it will hang - so actually do not reboot , follow this stuff first:
 
Asphyxia

Asphyxia

Owner
Administrator
Apr 25, 2015
1,845
2
2,199
327
Just rebuilt this similar build using Hyper-V, going to condense these down into two simple tutorials. Just not finding much content covering these, so I am going to try to make "simple" how-tos with this for anyone wanting to build out servers.
 
You must log in or register to reply here.
Top