The Set Up Wizard is used to perform the initial configuration of KFSensor.
Each step of the wizard is described below.
After the Set Up Wizard is run, KFSensor will be ready to detect attacks on the system.
To make it easy to set up common ports KFSensor has a set of pre-defined listen definitions.
The definitions are grouped into the classes in the wizard enabling you to add different types of ports.
It is possible to remove all ports of a class by unselecting the class.
To pick up the maximum about of attacks select all the port classes.
You can also run the Set Up Wizard again later to add additional components.
If service is already using a port then KFSensor cannot use it as well to run a simulated version of the service.
There are two options when this occurs:
Keep the existing services running and get KFSensor to monitor the activity of those existing services. By checking a port the wizard will convert the listen definition to a native type.
To allow KFSensor to try and run its own simulated service then uncheck the port. The native service running on the port will then need to be shut down to allow KFSensor to take over the port.
To make things easy the Scenario -> Edit Active Scenario dialog has a button "Convert To Native..." that display the Convert To Native dialog box. This allows you to choose which ports in error should be converted to Native.
This is the domain name used to identify the server to a visitor.
It is used in several Sim Servers.
This could be the real domain name of the machine or a fictitious one. If you pick a fictitious one, try not to use a real domain belonging somebody else.
If you are using KFSensor inside a corporate environment then create a sub-domain of your corporate domain name.
KFSensor can send alerts by email.
The settings in the wizard are the minimum needed to enable this feature.
For more details on the options available see the EMail Alerts dialog box.
A systems service is a special type of application that Windows runs in the background and is similar in concept to a UNIX daemon.
The KFSensor Server becomes independent of the logged on user, so the user can log off and another person can log on without affecting the server.
The KFSensor Server can be configured to start automatically when the system starts, before a user logs on.
The user must be logged in as the Administrator in order to install a systems service.
For more information see the Running the KFSensor Server section of the manual.
Next: Basic testing