-
Notifications
You must be signed in to change notification settings - Fork 159
Windows Setup
###1. FIDO Installation
FIDO is a x64 bit executable and the self-contained installer will by default install to the %program file%/fido directory. Because it is self-contained it can be installed in other locations. Simply double-click the install file and follow the on-screen prompts.
Underneath /fido/ directory contains the following subdirectories:
/data
/media
/nmap (will likely be deprecated)
/plink
The /data directory is used to store the FIDO databased. The /media is used to store media files and email templates associated with alerts. The /nmap directory is used to store and shell execute nmap commands for host discovery. The /plink directory is used to store and shell execute ssh commands for host discovery.
###2. Support Files
FIDO needs the following support files for the optional host detection functionality.
NMAP Zip binary
Plink Executable
Once downloaded put the NMAP files into the /fido/nmap/ directory and the plink.exe into the /fido/plink/ directory.
###3. Database Configuration
For the current release all edits are made directly to the FIDO database. We are currently building an administrative UI where you will be able to make these configurations instead of having to edit the database. Until then you'll need a handy database editor. You can find several at the below URL.
You should get familiar with the current version of the database by going over the technical docs of the database.
To get started configuring your first detector load up the FIDO database (/data/fido.db) and open the configs_detectors table. By default in this table you'll find four example detectors using the API (Cyphort), SQL (Bit9), log (Sophos) and email (FireEye) detectors. Follow the setup guides below for more information.