Installation

The software dependencies will install automatically for you when running the install scripts via the GUI. I'd recommend doing an apt-get update and apt-get ugrade prior to running Briar so apt can grab all the latest packages

The Setup

1. First, ssh into your PI under your preferred user (ex: 'pi' or 'root'): ssh -X pi@your_pi_ip
   ( the -X means X-forwarding which will forward the GUI to your computer used to access your PI. )
   
2. Next, clone the repo! git clone https://github.com/musicmancorley/BriarIDS.git
3. You should now be able to run the program: sudo python BriarIDS.py or if running as root simply python BriarIDS.py. The main menu should now be visible.
   
   Understanding the Menu
   
   

This button will start the installation for Suricata. The installation status can be followed by typing the following in a separate terminal: tail -f /usr/local/src/install_log.log
This button will start the installation for Bro and the Critical-Stack-Intel-Agent. The installation status can be followed by typing the following in a separate terminal: tail -f /usr/local/src/broinstall.log
This installation takes quite some time on the PI unit, but it is well worth the wait! It could take up to an hour or more depending on your PI unit model. It is assumed the user has a reasonable understanding of how Bro functions. If I have time I will add more information on how Bro works. For now, just know that Bro, as it applies to BriarIDS, detects malicious websites (from the intel feed you as the user will configure) using the Critical Stack agent and is simply a nice compliment solution to go alongside Suricata. More information on how this works more specifically can be found on the WIKI here: https://github.com/musicmancorley/BriarIDS/wiki/Configure-Bro-and-Critical-Stack-Agent