ICS Security Checklist
A web app used to inventorize computing devices in an industrial network, list their potential vulnerabilities and provide recommendations for solving them.
- Select a device used in the industrial network
- Check all enabled services on this device
- Add more devices if necessary
- Get a summary of all associated warnings per device and ways to fix them
- MySQL server (InnoDB)
The following is a guide on how to install the ICS Checklist application on a Debian 8.x 64bit server. Similar instructions apply to different operating systems.
A standalone MySQL installation can be used, though it is recommended to install phpMyAdmin along with it for easy management.
- Install a LAMP stack:
sudo apt-get install apache2 mysql-server php5 php-pear php5-mysql -y
- Secure the MySQL installation:
- Install PHPMyAdmin:
sudo apt-get install phpmyadmin
- Open the Apache configuration file:
sudo nano /etc/apache2/apache2.conf
- Add the following line:
- Restart the server:
sudo service apache2 restart
- You can now manage the database from your browser on the following address:
Login using your MySQL credentials.
Create a new database called
Download the latest version of the database from the GitHub repository
Select the ics-checklist database and go to Import. Select the downloaded .sql file and import it. You should now see several newly created tables.
- Install Node.js:
curl -sL https://deb.nodesource.com/setup_4.x | sudo -E bash - && sudo apt-get install -y nodejs
- Clone the repository:
git clone https://github.com/alexvanmaele/ics-checklist.git && cd ics-checklist
- Install all dependencies:
- Configure database access by editing following file:
Change the block starting with the
mysql.createConnectionfunction according to your MySQL database credentials.
Start the Node.js application:
- Start using the application from your browser on:
Should the web server encounter an error, it will log the exception to the console and exit by default. In order to automatically restart the server after a crash, you can use the forever npm package.
- Install forever:
sudo npm install forever -g
- Go to your project directory:
- Run the web server using forever:
forever start ./bin/www
You can now access the server like you would normally. Everything will be logged to the forever logs, which you can access using:
Should the server crash, forever will restart it.