Pull a statically linked RITA binary from github (#205)

* Pull a statically linked RITA binary from github rather than installing go and building from source
* Switch logic for config file replacement
* Added release instructions
* Fix installation instructions
* Fix https://github.com/activecm/rita/issues/189

Contributing.md

@@ -24,6 +24,8 @@ Just be sure to do the following:
 
 ## Contributing Code
 There are several ways to contribute code to the RITA project.
+Before diving in, follow the [Manual Installation Instructions](https://github.com/activecm/rita/blob/v1.0.0/docs/Manual%20Installation.md)
+
 * Add godoc comments and fix style compliance issues:
   * Run the [go metalinter](https://github.com/alecthomas/gometalinter)
   * Find a linting error and fix it
@@ -41,57 +43,24 @@ There are several ways to contribute code to the RITA project.
   * When you're ready to test code run `go test ./...` from the root directory
   of the project
   * Feel free to refactor code to increase our ability to test it
-  * Join our [IRC](https://github.com/activecm/rita/wiki/RITA-Gittiquette) to
-  learn more
 * Add new features:
   * If you would like to become involved in the development effort, please hop
    on our [OFTC channel at #activecm](https://webchat.oftc.net/?channels=activecm)
    and chat about what is currently being worked on.
 
 All of these tasks ultimately culminate in a pull request being issued,
-reviewed, and merged. When interacting with RITA through Git please check out
-the
-[RITA Gittiquette page](https://github.com/activecm/rita/wiki/RITA-Gittiquette).
-Go limits the ways you may use Git with an open source project such as RITA, so
-it is important that you understand the procedures laid out here.
+reviewed, and merged. 
 
 ### Gittiquette Summary
-* We currently have a dev and master branch on activecm
-  * Master is our tagged release branch
-  * Dev is our development and staging branch
-  * As more users come to rely on RITA, we will introduce a release-testing branch
-  for release candidates
 * In order to contribute to RITA, you must fork it
   * Do not `go get` or `git clone` your forked repo
   * Instead, `git remote add` it to your existing RITA repository
-* Checkout the dev branch `git checkout dev`
-* Split a branch off of dev `git checkout -b [a-new-branch]`
+* Split a branch off of master `git checkout -b [a-new-branch]`
 * Push your commits to your remote if you wish to develop in the public
-* When your work is finished, pull down the latest dev branch, and rebase
+* When your work is finished, pull down the latest master branch, and rebase
 your feature branch off of it
 * Submit a pull request on Github
 
-### Switching to the `dev` Branch
-* Install RITA using either the [installer](https://raw.githubusercontent.com/activecm/rita/master/install.sh) or
-[manually](https://github.com/activecm/rita/wiki/Installation)
-* `cd $GOPATH/src/github.com/activecm/rita`
-* `git checkout dev`
-* `make install`
-* Configure a config file for the dev branch
-  * Make a backup of your config file for the master branch
-  * Copy over the config from `etc/rita.yaml` to `~/.rita/config.yaml`
-  * Update the newly copied config to match your old one
-
 ### Common Issues
 * Building Rita using `go install` or `go build` yields a RITA version of `UNDEFINED`
   * Use `make` or `make install`.
-* The dev branch is likely to break compatibility with datasets processed using
-the master branch
-  * Usually, resetting analysis will take care of the incompatible datasets
-  * If the parser has been altered, a fresh import may be needed
-  * If errors persist, manually delete the MetaDB out of MongoDB
-* The dev branch is likely to break compatibility with the default installed
-config file at `~/.rita/config.yaml`
-  * Make a backup of your config file for the master branch
-  * Copy over the config from `etc/rita.yaml` to `~/.rita/config.yaml`
-  * Update the newly copied config to match your old one

Readme.md

@@ -8,25 +8,24 @@ Brought to you by Active Countermeasures.
 RITA is an open source framework for network traffic analysis.
 
 The framework ingests [Bro Logs](https://www.bro.org/), and currently supports the following analysis features:
- - **Beaconing**: Search for signs of beaconing behavior in and out of your network
- - **DNS Tunneling** Search for signs of DNS based covert channels
- - **Blacklisted**: Query blacklists to search for suspicious domains and hosts
+ - **Beaconing Detection**: Search for signs of beaconing behavior in and out of your network
+ - **DNS Tunneling Detection** Search for signs of DNS based covert channels
+ - **Blacklist Checking**: Query blacklists to search for suspicious domains and hosts
  - **URL Length Analysis**: Search for lengthy URLs indicative of malware
- - **Scanning**: Search for signs of port scans in your network
+ - **Scanning Detection**: Search for signs of port scans in your network
 
 Additional functionality is being developed and will be included soon.
 
 ### Automatic Installation
 **The automatic  installer is officially supported on Ubuntu 14.04, 16.04 LTS, Security Onion, and CentOS 7**
 
-* Clone the package:
-`git clone https://github.com/activecm/rita.git`
-* Change into the source directory: `cd rita`
-* Run the installer: `./install.sh`
+* Download the latest `install.sh` file from the [release page](https://github.com/activecm/rita/releases/latest)
+* Make the installer executable: `chmod +x ./install.sh`
+* Run the installer: `sudo ./install.sh`
 * Start MongoDB: `sudo service mongod start`
 
 ### Manual Installation
-To install each component of RITA by hand, [check out the instructions in the wiki](https://github.com/activecm/rita/wiki/Installation).
+To install each component of RITA by hand, [check out the instructions in the docs](https://github.com/activecm/rita/blob/master/docs/Manual%20Installation.md).
 
 ### Configuration File
 RITA contains a yaml format configuration file.
@@ -82,6 +81,7 @@ To obtain an API key:
   * `-H` displays human readable data
   * `rita show-beacons dataset_name -H`
   * `rita show-blacklisted dataset_name -H`
+  * Use less to view data `rita show-beacons dataset_name -H | less -S`
 
 ### Getting help
 Please create an issue on GitHub if you have any questions or concerns.

docs/Manual Installation.md

@@ -0,0 +1,55 @@
+
+### Installation
+
+1. What you'll need:
+    * Bro [https://www.bro.org](https://www.bro.org)
+    * MongoDB [https://www.mongodb.com](https://www.mongodb.com)
+    * Golang [https://www.golang.org](https://www.golang.org)
+1. Install Bro [Optional]:
+    1. Follow the directions at [https://www.bro.org/sphinx/install/install.html](https://www.bro.org/sphinx/install/install.html)
+    1. Test that bro is working by firing up bro and ensuring that it's spitting out logs. If you're having some trouble with bro configuration or use, here are some helpful links:
+        * Bro quick start [https://www.bro.org/sphinx-git/quickstart/index.html](https://www.bro.org/sphinx-git/quickstart/index.html)
+        * broctl [https://www.bro.org/sphinx/components/broctl/README.html](https://www.bro.org/sphinx/components/broctl/README.html)
+1. Install MongoDB (You will need MongoDB >= 3.2.0 which is not included by default in the Ubuntu 16.04 package manager.)
+    * Follow the MongoDB installation guide at https://docs.mongodb.com/manual/installation/
+    * Download a version >= 3.2.0 at https://www.mongodb.com/download-center?jmp=nav#community
+    * Ensure MongoDB is running before continuing  
+1. Install GoLang using the instructions at [https://golang.org/doc/install](https://golang.org/doc/install)
+    1. After the install we need to set a local GOPATH for our user. So lets set up a directory in our HomeDir
+        * ```mkdir -p $HOME/go/{src,pkg,bin}```
+    1. Now we must add the GoPath to our .bashrc file
+        * ```echo 'export GOPATH="$HOME/go"' >> $HOME/.bashrc```
+    1. We will also want to add our bin folder to the path for this user.
+        * ```echo 'export PATH="$PATH:$GOPATH/bin"' >> $HOME/.bashrc```
+    1. Load your new configurations with source.
+        * ```source $HOME/.bashrc```
+1. Getting RITA and building it
+  	1. First we want to use the go to grab sources and deps for rita.
+    	* ```go get github.com/activecm/rita```
+  	1. Now lets change to the rita directory.
+    	* ```cd $GOPATH/src/github.com/activecm/rita```
+  	1. Finally we'll build and install the rita binary.
+  		* ```make install```
+		* This will install to `$GOPATH/bin/rita` not `/usr/local/bin/rita`
+1. Configuring the system
+    1. Create a configuration directory at `/etc/rita`
+        * ```sudo mkdir /etc/rita```
+    1. Allow users to read the configuration directory
+        * ```sudo chmod 755 /etc/rita```
+    1. Create a runtime directory for rita at `/var/lib/rita`
+        * ```sudo mkdir -p /var/lib/rita/logs```
+    1. Allow users to write to the runtime directory
+        * ```sudo chmod 755 /var/lib/rita```
+        * ```sudo chmod 777 /var/lib/rita/logs```
+    1. Create the safebrowsing database file
+        * ```sudo touch /var/lib/rita/safebrowsing```
+    1. Allow users to write to the safebrowsing file
+        * ```sudo chmod 666 /var/lib/rita/safebrowsing```
+    1. Install the config file
+        * ```sudo cp etc/rita.yaml /etc/rita/config.yaml```
+    1. Allow users to write to the RITA config file
+        * ```sudo chmod 666 /etc/rita/config.yaml```
+    1. You can test a configuration file with ```rita test-config -c PATH/TO/FILE```
+        * There will be empty quotes or 0's assigned to empty fields
+    1. Follow the documentation in the Readme.md for configuring RITA
+

docs/Releases.md

@@ -0,0 +1,21 @@
+# Releases
+
+Steps for creating a RITA release. 
+
+- Tag a commit on master as a release
+	- Checkout the commit
+	- Tag the commit with `git tag [version]`
+		- Follow [SemVer](https://semver.org)
+	- Push the tag to github using `git push origin [version]`
+- Wait for Quay.io to build the docker image
+- [Use docker to create the build](https://github.com/activecm/rita/blob/master/docs/Docker%20Usage.md#using-docker-to-build-rita)
+	- Instead of `rita:master`, use `rita:[version]`
+- Go to the [releases](https://github.com/activecm/rita/releases) page
+	- Click `Draft a new release`
+	- Select the new `[version]` tag
+	- Fill out the title and description with recent changes
+		- If the config file changed, give a thorough description of the needed changes
+	- Attach the following files:
+		- The `rita` binary, pulled from the docker image
+		- The `install.sh` file for the tagged code base
+	- Publish the release