├── .gitignore
├── CONTRIBUTING.md
├── GETTING-STARTED.md
├── LICENSE
├── README.md
├── icon.png
├── main.js
├── package.json
├── run.js
└── src
    ├── Config.iced
    ├── app.iced
    └── preload.js


/.gitignore:
--------------------------------------------------------------------------------
 1 | # Logs
 2 | logs
 3 | *.log
 4 | npm-debug.log*
 5 | 
 6 | # Runtime data
 7 | pids
 8 | *.pid
 9 | *.seed
10 | *.asc
11 | 
12 | # Directory for instrumented libs generated by jscoverage/JSCover
13 | lib-cov
14 | 
15 | # Coverage directory used by tools like istanbul
16 | coverage
17 | 
18 | # nyc test coverage
19 | .nyc_output
20 | 
21 | # Grunt intermediate storage (http://gruntjs.com/creating-plugins#storing-task-files)
22 | .grunt
23 | 
24 | # node-waf configuration
25 | .lock-wscript
26 | 
27 | # Compiled binary addons (http://nodejs.org/api/addons.html)
28 | build/Release
29 | 
30 | # Dependency directories
31 | node_modules
32 | jspm_packages
33 | 
34 | # Optional npm cache directory
35 | .npm
36 | 
37 | # Optional REPL history
38 | .node_repl_history
39 | 


--------------------------------------------------------------------------------
/CONTRIBUTING.md:
--------------------------------------------------------------------------------
 1 | # Contributing to Trailbot Client
 2 | 
 3 | We're happy you want to contribute! You can help us in different ways:
 4 | 
 5 | - [Open an issue][1] with suggestions for improvements and errors you're facing
 6 | - Fork this repository and submit a pull request
 7 | - Improve the [documentation][2].
 8 | 
 9 | [1]: https://github.com/trailbot/client/issues
10 | [2]: https://github.com/trailbot/client/wiki
11 | 
12 | To submit a pull request, fork the [Trailbot Client repository][3] and then clone your fork:
13 | 
14 |     git clone git@github.com:<your-name>/client.git
15 | 
16 | [3]: https://github.com/trailbot/client
17 | 
18 | Make your suggested changes, `git push` and then [submit a pull request][4].
19 | [4]: https://github.com/trailbot/client/compare/
20 | 


--------------------------------------------------------------------------------
/GETTING-STARTED.md:
--------------------------------------------------------------------------------
  1 | __Trailbot Getting Started guide__
  2 | + [Introduction](#introduction)
  3 | + [Installing Trailbot Client](#installing-trailbot-client)
  4 | + [Installing Trailbot Watcher](#installing-trailbot-watcher)
  5 | + [Usage](#usage)
  6 |   + [Watching files and logs](#watching-files-and-logs)
  7 |   + [Reading events](#reading-events)
  8 |   + [Adding smart policies](#adding-smart-policies)
  9 | + [Usage in development mode](#usage-in-development-mode)
 10 | + [Installing Trailbot Vault](#installing-trailbot-vault)
 11 | 
 12 | --
 13 | 
 14 | ## Introduction
 15 | 
 16 | The installation process of Trailbot comprises, in this order:
 17 | + Installing [Trailbot Client](https://github.com/trailbot/client) in your computer.
 18 | + Installing [Trailbot Watcher](https://github.com/trailbot/watcher) in your server/s.
 19 | 
 20 | The installation of Trailbot Client __MUST__ be done before starting to install any Trailbot watcher.
 21 | 
 22 | Then, when you run Trailbot Client for the first time, it will guide you through the process of installing and setting up Trailbot watcher on your server/s.
 23 | 
 24 | Installing your own [Trailbot Vault](https://github.com/trailbot/vault) in a separate server is optional—you can use the "official" vault instance run by [Stampery](https://stampery.com), which is available at `vault.trailbot.io:8443`.
 25 | 
 26 | ## Installing Trailbot Client
 27 | 
 28 | ### Compatibility
 29 | You can install Trailbot Client on GNU/Linux, OS X, Windows and virtually any other desktop OS with support for `nodejs` > 5.0 and [Electron](https://github.com/electron/electron).
 30 | 
 31 | ### Before installing
 32 | 
 33 | + Make sure that version `5.0.0` or greater of `nodejs` is installed in your computer. Recommended version is `6.0.0` or greater. You can find detailed `nodejs` installation instructions for your OS [here](https://nodejs.org/en/download/package-manager).
 34 | 
 35 | ### Installation
 36 | Installing Trailbot Client is incredibly easy. You only have to execute this single command: :v:
 37 | ```
 38 | npm install -g trailbot-client
 39 | ```
 40 | <sub>:cop: __Hey!__ _You will probably need to run the previous command as `root` on GNU/Linux and OS X._</sub>
 41 | 
 42 | __Boom!__ It's been easy, huh?.
 43 | 
 44 | ### Running
 45 | 
 46 | You can run Trailbot Client by executing the following command:
 47 | ```
 48 | trailbot-client
 49 | ```
 50 | 
 51 | ### Setting up
 52 | 
 53 | The first time you run Trailbot Client, it presents a setup wizard that guides you through the process of setting up both the client and your first Trailbot watcher.
 54 | 
 55 | ![Welcome screen](https://github.com/trailbot/vault/blob/master/dist/img/screens/client/001.png)
 56 | 
 57 | Trailbot uses __end-to-end encryption__ to guarantee maximum privacy of all your data, so the first step will be setting a passphrase for your secure keypar.
 58 | 
 59 | ![PGP keypar generation](https://github.com/trailbot/vault/blob/master/dist/img/screens/client/002.png)
 60 | 
 61 | The `Client public key` that you have just generated needs to be copied into your servers. In order to do so, the recommended option is to __export to filesystem__.
 62 | 
 63 | ![Public key export](https://github.com/trailbot/vault/blob/master/dist/img/screens/client/003.png)
 64 | 
 65 | At this point, if this is the first time that you use Trailbot, please choose __"Not yet, please show me how"__.
 66 | 
 67 | ![Watcher configuration](https://github.com/trailbot/vault/blob/master/dist/img/screens/client/004.png)
 68 | 
 69 | Now follow the steps described in the watcher or simply go through the [Installing Trailbot Watcher](#installing-trailbot-watcher) section in this same Getting Started guide.
 70 | 
 71 | ![Watcher setup](https://github.com/trailbot/vault/blob/master/dist/img/screens/client/005.png)
 72 | 
 73 | ## Installing Trailbot Watcher
 74 | 
 75 | :exclamation: __Before installing Trailbot Watcher in your server, you need to install Trailbot Client in your own computer.__
 76 | 
 77 | ## Compatibility
 78 | 
 79 | The watcher has been designed and optimized for usage in `GNU/Linux`. It should work flawlessly in Ubuntu, Debian, CentOS, Fedora, Gentoo, openSUSE, Red Hat and many other popular distributions as long as they have:
 80 | 
 81 | + A proper package manager (`apt`, `yum`, `pacman`).
 82 | + Support for `nodejs` > 6.0.0
 83 | + `systemd`, `upstart` or `systemv`
 84 | 
 85 | ### Before installing
 86 | 
 87 | + Remember to install Trailbot Client in your own computer and go through its setup wizard to generate its keypar and export it.
 88 | + Make sure that version `5.0.0` or greater of `nodejs` is installed in your computer. Recommended version is `6.0.0` or greater. Easiest way to install `nodejs` is:
 89 | 
 90 | ##### Debian and Ubuntu based Linux distributions
 91 | ```
 92 | curl -sL https://deb.nodesource.com/setup_6.x | sudo -E bash -
 93 | sudo apt-get install -y nodejs
 94 | ```
 95 | ##### RHEL, CentOS and Fedora
 96 | ```
 97 | curl --silent --location https://rpm.nodesource.com/setup_6.x | bash -
 98 | sudo yum -y install nodejs
 99 | ```
100 | #### Arch
101 | ```
102 | pacman -S nodejs npm
103 | ```
104 | 
105 | ### Installation
106 | 
107 | Installing Trailbot Watcher is quite easy:
108 | ```
109 | sudo su
110 | git clone https://github.com/trailbot/watcher
111 | cd watcher
112 | npm install
113 | ```
114 | Now take the `Client public key` that you exported from the Client in your computer and copy it into your server using `scp`, `rsync`, `ftp` or similar. (Another option is opening a text editor in your server and directly pasting it).
115 | 
116 | Now simply run:
117 | ```
118 | npm run setup
119 | ```
120 | 
121 | The setup wizard is pretty self-explainative and helps you to import your `Client public key`, export your `Watcher public key`, create a system daemon and start it immediately:
122 | 
123 | Choose a name or press Enter for accepting the suggested name.
124 | 
125 | ![Watcher name](https://github.com/trailbot/vault/blob/master/dist/img/screens/watcher/001.png)
126 | 
127 | Write the route of the file where you put the `Client public key`.
128 | 
129 | ![Client key import](https://github.com/trailbot/vault/blob/master/dist/img/screens/watcher/002.png)
130 | 
131 | Here you can press Enter to use the "official" vault (`vault.trailbot.io:8443`).
132 | 
133 | ![Vault endpoint](https://github.com/trailbot/vault/blob/master/dist/img/screens/watcher/003.png)
134 | 
135 | Wait a couple of minutes while your Watcher keys are generated.
136 | 
137 | ![Keys generation](https://github.com/trailbot/vault/blob/master/dist/img/screens/watcher/004.png)
138 | 
139 | The watcher will generate a biometric sentence consisting of 8 words that will be required by Trailbot Client.
140 | 
141 | ![Watcher exchange](https://github.com/trailbot/vault/blob/master/dist/img/screens/watcher/006.png)
142 | 
143 | After Trailbot Client validates the sentence, Trailbot Watcher should be up and running. :tada:
144 | 
145 | ![Ready](https://github.com/trailbot/vault/blob/master/dist/img/screens/watcher/007.png)
146 | 
147 | Last step is taking the `./trailbot_watcher.pub.asc` file containing the `Watcher public key` and copying it back to your personal computer. Go back to the Client's setup wizard, import the `Watcher public key` and now you are ready to play. :muscle:
148 | 
149 | ![Congratulations](https://github.com/trailbot/vault/blob/master/dist/img/screens/client/006.png)
150 | 
151 | ## Usage
152 | 
153 | ##### Main view
154 | 
155 | ![Main view](https://github.com/trailbot/vault/blob/master/dist/img/screens/client/main-view.png)
156 | 
157 | ### Watching files and logs
158 | 
159 | Start watching a file by clicking on the (:heavy_plus_sign:) button in the left pane and then simply enter the absolute path of the file you want to watch.
160 | 
161 | ![Start watching](https://github.com/trailbot/vault/blob/master/dist/img/screens/client/start-watching.png)
162 | 
163 | We recommend to watch :eyes: typical logfiles like `/var/log/syslog`, `/var/log/auth.log` or `/var/log/nginx/nginx_error.log`.
164 | 
165 | :ghost: _You can even monitor files that do not exist yet, and get events when they are created._
166 | 
167 | ### Reading events
168 | 
169 | Every time a watched file is modified, a new event appears in the file's event list.
170 | 
171 | ![Event](https://github.com/trailbot/vault/blob/master/dist/img/screens/client/addition-event.png)
172 | 
173 | The numbers under the date tell you how many lines where added and/or deleted at the time.
174 | 
175 | Something like _"+3 -3"_ typically means that 3 lines were edited or replaced.
176 | 
177 | When you click on one of the events on the list, you can see the [diff](https://en.wikipedia.org/wiki/Diff_utility) between previous and current version of the watched file.
178 | 
179 | ![Diff](https://github.com/trailbot/vault/blob/master/dist/img/screens/client/addition-diff.png)
180 | 
181 | The _"EOF"_ at the bottom represents the end of the file.
182 | 
183 | ### Adding Smart Policies
184 | 
185 | ![Add smart policy](https://github.com/trailbot/vault/blob/master/dist/img/screens/client/smart-policies-menu.png)
186 | 
187 | 1. Select the file you want to add a Smart Policy to.
188 | 2. Click on the (:heavy_plus_sign:) in the second left pane, right next to the "Smart Policies" header.
189 | 3. Copy the Git HTTPS URL for the Smart Policy you want to add, and paste it where asked.
190 | 4. Fill in all the policy's parameterization fields and simply click on "Add policy [...]". Voilà!
191 | 
192 | 
193 | ## Installing Trailbot Vault
194 | 
195 | Installing your own [Trailbot Vault](https://github.com/trailbot/vault) in a separate server is __OPTIONAL__—you can use the "official" vault instance run by [Stampery](https://stampery.com), which is available at `vault.trailbot.io:8443`. The installation process is covered in [its own README](https://github.com/trailbot/vault/blob/master/README.md#installing-your-own-vault).
196 | 


--------------------------------------------------------------------------------
/LICENSE:
--------------------------------------------------------------------------------
 1 | The MIT License (MIT)
 2 | 
 3 | Copyright (c) 2016 Stampery
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 
23 | ADDENDUM
24 | 
25 | In the event that the software was published, distributed or communicated in
26 | any other way either as a independent part or as a necessary component of
27 | another software or project, it shall be considered NOT A SUBMISSION nor a 
28 | cession or contribution.
29 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | [<img style="width:100%;" src="https://raw.githubusercontent.com/trailbot/vault/master/dist/img/banner.png">](https://trailbot.io)
 2 | 
 3 | # [Trailbot](https://trailbot.io) Client <sup><sub><sup><sub>DEVELOPER PREVIEW</sub></sup></sub></sup>
 4 | 
 5 | __Trailbot tracks your server's logs and files__, triggers [__Smart Policies__](https://github.com/trailbot/client/wiki/Smart-Policies) upon potentially unwanted modifications and generates a __tamper-proof audit trail__ of everything happening in the system.
 6 | 
 7 | [Smart Policies](https://github.com/trailbot/client/wiki/Smart-Policies) are simple scripts that get called every time a tracked file changes. They trigger actions such as emailing someone, rolling files back to a previous state or even shutting the system down. There are [plenty of them ready to use](https://github.com/trailbot/client/wiki/Smart-Policies#ready-to-use-policies), and you can even [create your own](https://github.com/trailbot/client/wiki/Smart-Policies).
 8 | 
 9 | Trailbot has three components:
10 | + [__Watcher__](https://github.com/trailbot/watcher): a server daemon that monitors your files and logs, registers file events and enforces [smart policies](https://github.com/trailbot/client/wiki/Smart-Policies).
11 | + [__Client__](https://github.com/trailbot/client): (this repository) desktop app for managing watchers, defining policies and reading file events.
12 | + [__Vault__](https://github.com/trailbot/vault): a backend that works as a relay for the watcher's settings and the server events.
13 | 
14 | # Why Trailbot?
15 | 
16 | Current security solutions are based on an obsolete paradigm: building walls and fences. Companies advertise their overcomplicated perimeter security systems as if they were impenetrable. But nevertheless we hear everyday about __cyber security breaches__ at even the largest corporations.
17 | 
18 | In any case walls and fences will not protect you at all from internal breaches and __insider threats__. Furthermore, most data resides nowadays in the cloud, where walls, borders and fences fade and blur. It is not a matter of “if” but “when” the perimeter will get breached.
19 | 
20 | With Trailbot you can rest assured of the __integrity of your data__, being it a system log or any other important file. It doesn't matter if an outsider got access to your systems or an insider decided to go rogue—__you are now in control__.
21 | 
22 | # Installation
23 | 
24 | Please refer to our [Getting Started guide](https://github.com/trailbot/client/blob/master/GETTING-STARTED.md) for detailed installation instructions.
25 | 
26 | # Get Involved
27 | 
28 | We'd love for you to help us build Trailbot. If you'd like to be a contributor, check out our [Contributing guide](https://github.com/trailbot/client/blob/master/CONTRIBUTING.md).
29 | 
30 | # FAQ
31 | 
32 | Check out our [FAQ at the wiki](https://github.com/trailbot/client/wiki/FAQ).
33 | 
34 | # LICENSE
35 | 
36 | [MIT](https://github.com/trailbot/client/blob/master/LICENSE)
37 | 
38 | [<img style="width:100%;" src="https://raw.githubusercontent.com/trailbot/vault/master/dist/img/footer.png">](https://stampery.com)
39 | 


--------------------------------------------------------------------------------
/icon.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/trailbot/client/2bdea85dcedf255a3eb7dd9477efd56b1d282dc7/icon.png


--------------------------------------------------------------------------------
/main.js:
--------------------------------------------------------------------------------
1 | require('iced-coffee-script').register();
2 | require('./src/app.iced')
3 | 


--------------------------------------------------------------------------------
/package.json:
--------------------------------------------------------------------------------
 1 | {
 2 |   "name": "trailbot-client",
 3 |   "version": "0.3.0",
 4 |   "description": "TrailBot tracks files and logs in your server and triggers smart policies upon unwanted modification.",
 5 |   "keywords": [
 6 |     "siem",
 7 |     "sem",
 8 |     "monitor",
 9 |     "watch",
10 |     "logs",
11 |     "trailbot",
12 |     "audit trail",
13 |     "integrity",
14 |     "blockchain"
15 |   ],
16 |   "repository": "https://github.com/trailbot/client",
17 |   "homepage": "https://trailbot.io",
18 |   "license": "MIT",
19 |   "author": "Adán Sánchez de Pedro Crespo <adan@stampery.com>",
20 |   "contributors": [],
21 |   "dependencies": {
22 |     "electron-bin": "^0.37.3",
23 |     "iced-coffee-script": "^108.0.11",
24 |     "ipc": "0.0.1",
25 |     "mkdirp": "^0.5.1",
26 |     "request": "^2.74.0",
27 |     "simple-git": "^1.41.0"
28 |   },
29 |   "devDependencies": {
30 |     "electron-packager": "^7.4.0",
31 |     "electron-prebuilt": "^1.2.2",
32 |     "jquery": "^3.0.0"
33 |   },
34 |   "main": "run.js",
35 |   "engines": {
36 |     "node": ">=5.0.0"
37 |   },
38 |   "scripts": {
39 |     "start": "electron .",
40 |     "start-dev": "DEV=true electron . --ignore-certificate-errors",
41 |     "package": "electron-packager . --all"
42 |   },
43 |   "bin": {
44 |     "trailbot-client": "./run.js"
45 |   }
46 | }
47 | 


--------------------------------------------------------------------------------
/run.js:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env node
2 | var electron = require('electron-bin')
3 | var proc = require('child_process')
4 | var child = proc.spawn(electron, [__dirname + "/main.js"])
5 | 


--------------------------------------------------------------------------------
/src/Config.iced:
--------------------------------------------------------------------------------
 1 | Config =
 2 |   vault: 'https://vault.trailbot.io:8443'
 3 | 
 4 | if process.env['DEV'] is 'true'
 5 |   console.log 'DEV MODE'
 6 |   Config.vault = 'http://localhost:8443'
 7 |   Config.watcher_key = './keys/trailbot_watcher.priv.asc'
 8 |   Config.client_key = './keys/trailbot_client.pub.asc'
 9 | 
10 | for key, val of process.env
11 |   Config[key.toLowerCase()] = val
12 | 
13 | module.exports = Config
14 | 


--------------------------------------------------------------------------------
/src/app.iced:
--------------------------------------------------------------------------------
 1 | electron = require 'electron'
 2 | {app} = electron
 3 | {BrowserWindow} = electron
 4 | 
 5 | Config = require './Config'
 6 | 
 7 | win = null
 8 | 
 9 | createWindow = ->
10 |   win = new BrowserWindow
11 |     width: 1440
12 |     height: 768
13 |     minWidth: 720
14 |     minHeight: 500
15 |     autoHideMenuBar: true
16 |     title: 'Trailbot Client'
17 |     icon: __dirname + '/../icon.png'
18 |   win.loadURL """data:text/html,<webview id="wv" src="#{Config.vault}" preload="file://#{__dirname}/preload.js" style="position: fixed; top: 0; right: 0; bottom: 0; left: 0;"></webview><script>window.document.getElementById('wv').addEventListener('console-message', function(e) { console.log(e.message); });</script>"""
19 | 
20 |   win.on 'closed', () =>
21 |     win = null
22 | 
23 | app.on 'ready', createWindow
24 | app.on 'window-all-closed', () =>
25 |   if process.platform isnt 'darwin'
26 |     app.quit()
27 | app.on 'activate', =>
28 |   if win is null
29 |     createWindow()
30 | 


--------------------------------------------------------------------------------
/src/preload.js:
--------------------------------------------------------------------------------
1 | eRequire = require;
2 | 


--------------------------------------------------------------------------------