LUCY

User Tools

Site Tools

Trace:
on-premise_installation_checklist

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
on-premise_installation_checklist [2019/07/25 12:49] – external edit 127.0.0.1on-premise_installation_checklist [2022/10/14 08:17] (current) – [On premise installation technical procedure] lucy
Line 13: Line 13:
   * **DNS integration**. You can quickly setup new domains in LUCY. Details are described [[domain_configuration|here]]. Those domains could be used for the landing pages (Phishing or E-learning) or the mail sender (awareness and attack simulation). The internal clients will need to resolve those domains. Therefore, you need to create the according DNS entries also on your internal DNS server and point the records to LUCY. If the landing pages need to be accessed from users in the internet directly (without VPN), you need to make sure that the DNS records are also created on an externally accessible DNS server.    * **DNS integration**. You can quickly setup new domains in LUCY. Details are described [[domain_configuration|here]]. Those domains could be used for the landing pages (Phishing or E-learning) or the mail sender (awareness and attack simulation). The internal clients will need to resolve those domains. Therefore, you need to create the according DNS entries also on your internal DNS server and point the records to LUCY. If the landing pages need to be accessed from users in the internet directly (without VPN), you need to make sure that the DNS records are also created on an externally accessible DNS server. 
  
-  * **Creating DNS records**. You will need two domain types in LUCY: Attack simulation domains and domains for your awareness training. The **attack simulation domain** could be used for your phishing website in your attack simulation. We recommend reserving first a generic domain like "cloud-services625.com". If you create a wildcard A-record for that domain, you can then use a matching subdomain. Let’s say you prepare a phishing simulation with some web-based email service. Using the subdomain "webmail" would give you the domain "webmail.cloud-services625.com" for the landing page. If you ask the user to download a file, you could use "download.cloud-services625.com" etc. If you want to do more sophisticated attacks you can reserve a typo squatted version of your own domain name. Typo squatting is a technique of registering domain names which look similar to some legitimate domain name. For instance, given google.com, one example of typo squatting domain might be g00gle.com. You can use https://spoofing.lucysecurity.com  to verify what variations of a domain name are available. You can use the domain from your landing page also for the email sender (like sender@cloud-services625.com). But as the sender email domain is a free text field that can be used with any domain name, it is not required to reserve a domain for just sending emails. There are some rules though when it comes to sending on behalf of other domain names: You can only use domain names that really exist. You can only use domain names that are not SPF protected (unless you white list them on your mail server). You can only use domains that also have an MX record. That means, you cannot use "@apple.com" as there is an SPF entry for this domain. You also cannot use "@this-does-not-exist.com". But you could use "@example.com" - a domain that exists, but is not protected. The website MX Toolbox helps you verifying if a MX or SPF record exists. **Awareness Website Domain**: Try to avoid using the same domain for attack simulations as for the awareness training. If possible, point a trusted domain record to LUCY like "training.your-domain.com" and send awareness emails using your own mail server as a relay in LUCY.+  * **Creating DNS records**. You will need two domain types in LUCY: Attack simulation domains and domains for your awareness training. The **attack simulation domain** could be used for your phishing website in your attack simulation. We recommend reserving first a generic domain like "cloud-services625.com". If you create a wildcard A-record for that domain, you can then use a matching subdomain. Let’s say you prepare a phishing simulation with some web-based email service. Using the subdomain "webmail" would give you the domain "webmail.cloud-services625.com" for the landing page. If you ask the user to download a file, you could use "download.cloud-services625.com" etc. If you want to do more sophisticated attacks you can reserve a typo squatted version of your own domain name. Typo squatting is a technique of registering domain names which look similar to some legitimate domain name. For instance, given google.com, one example of typo squatting domain might be g00gle.com. You can use the domain from your landing page also for the email sender (like sender@cloud-services625.com). But as the sender email domain is a free text field that can be used with any domain name, it is not required to reserve a domain for just sending emails. There are some rules though when it comes to sending on behalf of other domain names: You can only use domain names that really exist. You can only use domain names that are not SPF protected (unless you white list them on your mail server). You can only use domains that also have an MX record. That means, you cannot use "@apple.com" as there is an SPF entry for this domain. You also cannot use "@this-does-not-exist.com". But you could use "@example.com" - a domain that exists, but is not protected. The website MX Toolbox helps you verifying if a MX or SPF record exists. **Awareness Website Domain**: Try to avoid using the same domain for attack simulations as for the awareness training. If possible, point a trusted domain record to LUCY like "training.your-domain.com" and send awareness emails using your own mail server as a relay in LUCY.
  
  
   * **HTTP/HTTPS access for recipients**: The landing pages and the E-learning needs to be accessible via http or https (see [[ssl_configuration|this chapter]] for SSL configuration). If users from the internet have to access those pages, you need to make sure that you have set up an according port forwarding rule on your firewall together with a NAT entry, that points to LUCY.   * **HTTP/HTTPS access for recipients**: The landing pages and the E-learning needs to be accessible via http or https (see [[ssl_configuration|this chapter]] for SSL configuration). If users from the internet have to access those pages, you need to make sure that you have set up an according port forwarding rule on your firewall together with a NAT entry, that points to LUCY.
  
-  * **HTTP/HTTPS access for LUCY:** LUCY needs to be able to connect to our update server "193.25.100.129 (update.phishing-server.com)". If you use a forwarding web proxy in your organisation, please make sure LUCY is configured to use that proxy (https://wiki.lucysecurity.com/doku.php?id=we_use_a_proxy_to_connect_to_the_internet).+  * **HTTP/HTTPS access for LUCY:** LUCY needs to be able to connect to our update server "162.55.130.83 (update.phishing-server.com)". If you use a forwarding web proxy in your organisation, please make sure LUCY is configured to use that proxy (https://wiki.lucysecurity.com/doku.php?id=we_use_a_proxy_to_connect_to_the_internet).
  
   * **Security products and whitelisting**: You need to ensure that the LUCY IP is whitelisted on all your security products (mainly the SPAM filters). Otherwise, you might end up blocking legitimate infrastructure elements within your own infrastructure.   * **Security products and whitelisting**: You need to ensure that the LUCY IP is whitelisted on all your security products (mainly the SPAM filters). Otherwise, you might end up blocking legitimate infrastructure elements within your own infrastructure.
Line 28: Line 28:
  
 **Hardware** **Hardware**
-Please make sure you have the hardware ready with sufficient disk space (>200 GB) and memory (>4 GB). More details here: https://wiki.lucysecurity.com/doku.php?id=hardware+Please make sure you have the hardware ready with sufficient disk space (>100 GB) and memory (>4 GB). More details here: https://wiki.lucysecurity.com/doku.php?id=hardware
  
 **Download** **Download**
 If you have decided to do an on premise installation you will first need to download LUCY from our webpage. Please choose one of our installers or images: If you have decided to do an on premise installation you will first need to download LUCY from our webpage. Please choose one of our installers or images:
  
-  * **Virtual Box**: http://download.phishing-server.com/dl/lucy-latest/virtualbox.zip +  * **Virtual Box**: https://download.phishing-server.com/dl/lucy-latest/virtualbox.zip 
-  * **Linux Installer**: http://download.phishing-server.com/dl/lucy-latest/install.sh +  * **Linux Installer**: https://download.phishing-server.com/dl/lucy-latest/install.sh 
-  * **ESX/ESXi**: http://download.phishing-server.com/dl/lucy-latest/esxi.ova +  * **ESX/ESXi**: https://download.phishing-server.com/dl/lucy-latest/esxi.ova 
-  * **Vmware Image**: http://download.phishing-server.com/dl/lucy-latest/vmware.zip +  * **ESX/ESXi (OVF)**: https://download.phishing-server.com/dl/lucy-latest/esxi_ovf.zip 
-  * **Amazon**: http://www.lucysecurity.com/PS/doc/dokuwiki/doku.php?id=installing_lucy_in_amazon+  * **Vmware Image**: https://download.phishing-server.com/dl/lucy-latest/vmware.zip 
 +  * **Amazon**: https://wiki.lucysecurity.com/doku.php?id=installing_lucy_in_amazon
  
 If you require a different format (e.g. ovf), search for the according converter (e.g. search for "convert ova to ovf"). All downloads are automatically treated as a community edition.  If you require a different format (e.g. ovf), search for the according converter (e.g. search for "convert ova to ovf"). All downloads are automatically treated as a community edition. 
Line 54: Line 55:
  
 **License:** **License:**
-Please send us the workstation ID (http://www.lucysecurity.com/PS/doc/dokuwiki/doku.php?id=how_to_activate_lucy&s[]=#where_to_find_the_workstation_id). +Please send us the workstation ID (https://wiki.lucysecurity.com/doku.php?id=how_to_activate_lucy). 
  
 **Mail setup** **Mail setup**
on-premise_installation_checklist.1564051798.txt.gz · Last modified: 2019/07/25 12:49 by 127.0.0.1