Step by Step Guide to install Maltrail on ubuntu 20.04 LTS

Maltrail is a free & open source traffic detection system. It is used for malicious traffic detection. It helps to discover unknown threats. We can monitor unknown threats by using web-interface.

It provides three components;

• Sensor: It is used for monitors traffic for threats.
• Server: It provides web interface for detected malicious traffic.
• Client: It provides visualization and reporting.

There are few steps to install Maltrail on ubuntu:

Step 1: Update the System.

apt-get update

Step 2: Install the required packages.

apt-get install python-setuptools python3-pcapy

Step 3: Git clone the Maltrail.

git clone https://github.com/stamparm/maltrail.git

• Here is the command output.

Step 4: Change the directory & Start the Maltrail Sensor.

cd maltrail/
python3 sensor.py &

• Here is the command output.

• To start the Maltrail server.

python3 server.py &

• Here is the command output.

Step 5: Open the following port number on UFW firewall.

ufw allow 8338/tcp

• Here is the command output.

Step 6: Access the Maltrail web-interface.

http://server-ip:8338

• Here is the command output.
• By default,username is admin  & password: changeme!
• Click on Log In.

• Now Maltrail is Ready.

Step 5: To change the admin password.

echo -n 'password_here' | sha256sum | cut -d " " -f 1
echo -n 'password' | sha256sum | cut -d " " -f 1

• Copy the command output.

• Configure the Maltrail file.

vim /home/ubuntu/maltrail/maltrail.conf

• Change the username & Paste the command output.
• Add the following lines:

USERS
Admin:5e884898da28047151d0e56f8dc6292773603d0d6aabbdd62a11ef721d1542d8:0: ## New credentials

• Here is the command output.

• Kill the process & start the maltrail server.

pkill -f server.py
python3 server.py &

• Now Open the Maltrail web-interface with new credentials.