Wednesday, March 10, 2010

Installing and Using Flint from Matasano

Flint is a "free, open source web-based firewall rule scanner" written by Matasano Security.

To begin with, grab Flint from here. It's available from the Matasano git repository or via source archive.

Next you want to check out the README file.
...

## Installing

gem install ./matasano_utils-0.1.gem
gem install ./Ralex-0.1.gem

It also needs the following gems:
* sinatra
* haml
* ohm
* rdiscount
* compass
* bcrypt-ruby

Flint also requires a working Redis 1.2.3+

Redis is available at http://code.google.com/p/redis/

Note, the Ubuntu redis-server package is too old.

## Running

* Start redis
* The first time you run, you will need to run 'rake init'
* 'rake app'

This will start a Sinatra server listening on port 4567.  Point your browser at that.

Hurray! There are instructions.

Check your list of installed ruby gems with the command 'gem list' and install any gems that you don't already have. Personally, it seems like I have to (metaphorically) sacrifice a chicken to get ruby gems installed in the correct directory, in the path, and working right. But that's just me.

If you haven't stopped reading already, you will have noticed that Redis is required to get Flint working. Get the latest stable version of Redis here. Redis is a "persistent key-value database with built-in net interface written in ANSI-C for Posix systems". Check out the Redis Quick Start page for getting Redis up and running.

Now we're down to the 'Running' section of the README. Hopefully you actually read the Quick Start page for Redis and saw the './redis-server' command - it's kind of important and you should do that now.

Next, you want to be sitting in the Flint directory. Run 'rake init', followed by 'rake app'. This should notify you along the way that Flint was brought up successfully and that it has been given a default account of admin/admin77.

If you've gotten this far, do as the good README says and point your browser to http://localhost:4567 and see if everything went right. This is what the login screen looks like:



If something didn't go right you may get an error like this:
NoMethodError at /
undefined method `path' for #

   * file: login.rb
   * location: nil
   * line: 11

Okay. That's what it looks like when there is a user error. Remember what I said about the chickens? I was missing the Rack gem. It turns out that you need that gem installed so that you can use the path method from the Request class.
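
The prerequisites above, collected into a preflight check. This is an added example, not part of Flint or its README. It assumes `gem list` prints `name (versions)` lines and that `redis-cli info` reports a `redis_version:` field; the function names and the sample data are constructed for illustration.

```shell
# Preflight for the README's requirements (added example, not part of Flint).
# Gems the README names, plus rack: its absence caused the NoMethodError above.
REQUIRED_GEMS="matasano_utils Ralex sinatra haml ohm rdiscount compass bcrypt-ruby rack"
MIN_REDIS="1.2.3"   # README: "a working Redis 1.2.3+"

# Print each required gem that is absent from `gem list` output read on stdin.
missing_gems() {
    installed=$(sed -n 's/^\([A-Za-z0-9_.-]*\) (.*$/\1/p')
    for g in $REQUIRED_GEMS; do
        printf '%s\n' "$installed" | grep -qxF -- "$g" || printf '%s\n' "$g"
    done
}

# Extract the server version from `redis-cli info` output read on stdin.
redis_version() { sed -n 's/^redis_version:\([0-9.]*\).*/\1/p' | head -n 1; }

# Succeed when dotted version $1 is at least $2 (up to three numeric fields).
version_ge() {
    lowest=$(printf '%s\n%s\n' "$1" "$2" | sort -t. -k1,1n -k2,2n -k3,3n | head -n 1)
    [ "$lowest" = "$2" ]
}

# Report problems given `gem list` text ($1) and `redis-cli info` text ($2).
preflight() {
    rc=0
    miss=$(printf '%s\n' "$1" | missing_gems)
    [ -z "$miss" ] || { echo "missing gems:" $miss; rc=1; }
    ver=$(printf '%s\n' "$2" | redis_version)
    if [ -z "$ver" ]; then echo "redis-server is not answering"; rc=1
    elif ! version_ge "$ver" "$MIN_REDIS"; then echo "redis $ver is older than $MIN_REDIS"; rc=1
    fi
    return $rc
}

# Constructed sample: rack is absent and the Redis version predates 1.2.3.
SAMPLE_GEMS='bcrypt-ruby (2.1.2)
compass (0.8.17)
haml (2.2.20)
matasano_utils (0.1)
ohm (0.0.35)
Ralex (0.1)
rdiscount (1.6.3)
sinatra (1.0, 0.9.4)'
SAMPLE_INFO='redis_version:1.0.2'

case "${1:-}" in
    --live) preflight "$(gem list 2>/dev/null)" "$(redis-cli info 2>/dev/null)" ;;
    *)      preflight "$SAMPLE_GEMS" "$SAMPLE_INFO" || true ;;
esac
```

Run it with `--live` before 'rake init' to check the real system; without arguments it only exercises the constructed sample.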

After you upload a configuration file, here is what the Overview page looks like:


Looks like there is a firewall out there that needs some help. I'll leave the rest of the exploration up to you.

Overall, Flint delivers and makes my brain hurt less when compared to a manual review of firewall rules. The GUI is pretty self-explanatory and easily navigable. I'll be keeping an eye on it as it improves over time.
