Hugging Face's logo

ineso22
/
Mozdef

Model card Files
xet
 Community
Mozdef
File size: 7,605 Bytes
7c89ed7
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
# MozDef - RAR Archive Creation Guide (Maximum Compression)

## 🎯 Objective
Create a RAR archive with maximum compression for the complete MozDef project including Docker images.

---

## πŸ“¦ Archive Contents

- **Docker Images:** All 17 MozDef images (~9-10 GB uncompressed)
- **Source Code:** Complete MozDef source (~75 MB)
- **Documentation:** All markdown documentation files

**Estimated Archive Size:** ~5-8 GB (with maximum RAR compression)

---

## πŸš€ Quick Start

### Method 1: RAR Archive (Best Compression)

```bash
cd /root/MozDef
./archive_mozdef_rar.sh
```

**Script:** `/root/MozDef/archive_mozdef_rar.sh`

**RAR Compression Settings:**
- `-m5` = Maximum compression
- `-rr10%` = 10% recovery record (data recovery)
- `-s` = Solid archive (better compression)
- `-ep1` = Exclude base directory

### Method 2: 7zip Archive (Alternative)

If RAR is not available:

```bash
cd /root/MozDef
./archive_mozdef_7z.sh
```

**7zip Compression Settings:**
- `-mx=9` = Maximum compression
- `-m0=lzma2` = LZMA2 compression method
- `-mmt=on` = Multi-threading

### Method 3: Tar.gz (Fallback)

```bash
cd /root/MozDef
./archive_mozdef.sh
```

---

## πŸ“‹ Installation Requirements

### Install RAR (Debian/Ubuntu)
```bash
apt-get update
apt-get install -y rar unrar
```

### Install RAR (RHEL/CentOS)
```bash
yum install -y rar unrar
# Or download from: https://www.rarlab.com/download.htm
```

### Install 7zip (Alternative)
```bash
# Debian/Ubuntu
apt-get install -y p7zip-full

# RHEL/CentOS
yum install -y p7zip-full
```

---

## πŸ”§ Manual RAR Archive Creation

### Step 1: Prepare Archive Directory
```bash
ARCHIVE_DIR="$HOME/mozdef-archive-$(date +%Y%m%d)"
mkdir -p "$ARCHIVE_DIR"/{docker-images,source-code,documentation}
```

### Step 2: Save Docker Images
```bash
docker save $(docker images mozdef/* --format "{{.Repository}}:{{.Tag}}") \
  -o "$ARCHIVE_DIR/docker-images/mozdef-all-images.tar"
```

### Step 3: Archive Source Code
```bash
tar -czf "$ARCHIVE_DIR/source-code/MozDef-source.tar.gz" \
  -C /root MozDef \
  --exclude='MozDef/.git' \
  --exclude='MozDef/node_modules' \
  --exclude='MozDef/.meteor/local'
```

### Step 4: Copy Documentation
```bash
cp /root/MozDef/*.md "$ARCHIVE_DIR/documentation/"
```

### Step 5: Create RAR Archive
```bash
cd "$(dirname "$ARCHIVE_DIR")"
rar a -m5 -rr10% -s -ep1 "mozdef-complete-$(date +%Y%m%d).rar" "$(basename "$ARCHIVE_DIR")"
```

**RAR Options Explained:**
- `a` = Add files to archive
- `-m5` = Maximum compression level (0-5, 5 = best)
- `-rr10%` = Add 10% recovery record for data recovery
- `-s` = Create solid archive (better compression)
- `-ep1` = Exclude base directory from paths
- `-v2g` = Split into 2GB volumes (optional, for large files)

---

## πŸ“Š Compression Comparison

| Method | Compression | Estimated Size | Recovery |
|--------|-------------|----------------|----------|
| **RAR (-m5)** | Maximum | ~5-8 GB | βœ… 10% recovery |
| **7zip (-mx=9)** | Maximum | ~5-8 GB | ❌ No recovery |
| **tar.gz (-9)** | Best | ~8-12 GB | ❌ No recovery |

**Recommendation:** Use RAR for best compression + recovery record.

---

## πŸ“₯ Extracting RAR Archive

### Extract Complete Archive
```bash
unrar x mozdef-complete-YYYYMMDD.rar
```

### Extract to Specific Directory
```bash
unrar x mozdef-complete-YYYYMMDD.rar /destination/path/
```

### List Archive Contents
```bash
unrar l mozdef-complete-YYYYMMDD.rar
```

### Test Archive Integrity
```bash
unrar t mozdef-complete-YYYYMMDD.rar
```

---

## πŸ”„ Restoring from RAR Archive

### Step 1: Extract RAR Archive
```bash
unrar x mozdef-complete-YYYYMMDD.rar
cd mozdef-archive-YYYYMMDD/
```

### Step 2: Load Docker Images
```bash
docker load -i docker-images/mozdef-all-images.tar
docker images mozdef/*  # Verify (should show 17 images)
```

### Step 3: Extract Source Code
```bash
tar -xzf source-code/MozDef-source.tar.gz -C /root/
```

### Step 4: Start Services
```bash
cd /root/MozDef
docker-compose -f docker/compose/docker-compose.yml -p mozdef up -d
```

---

## πŸ“‹ RAR Archive Features

### Advantages
- βœ… **Best compression** (typically 20-30% better than tar.gz)
- βœ… **Recovery record** (can recover damaged archives)
- βœ… **Solid archive** (better compression for multiple files)
- βœ… **Volume splitting** (split large files automatically)
- βœ… **Password protection** (optional: add `-pPASSWORD`)

### Recovery Record
The `-rr10%` option adds 10% recovery data, allowing you to:
- Recover damaged archives
- Repair corrupted files
- Extract data even if archive is partially damaged

**Usage:**
```bash
# Repair damaged archive
rar r mozdef-complete-YYYYMMDD.rar

# Extract with recovery
unrar x -kb mozdef-complete-YYYYMMDD.rar
```

---

## πŸ”’ Password Protection (Optional)

### Create Password-Protected Archive
```bash
rar a -m5 -rr10% -s -ep1 -pYOUR_PASSWORD "mozdef-complete-$(date +%Y%m%d).rar" "$(basename "$ARCHIVE_DIR")"
```

### Extract Password-Protected Archive
```bash
unrar x -pYOUR_PASSWORD mozdef-complete-YYYYMMDD.rar
```

---

## πŸ“Š Archive Size Estimation

### Before Compression
- Docker images: ~9-10 GB
- Source code: ~75 MB
- Documentation: ~1-5 MB
- **Total:** ~9-10 GB

### After RAR Compression (-m5)
- **Estimated:** ~5-8 GB (40-50% compression ratio)

### After 7zip Compression (-mx=9)
- **Estimated:** ~5-8 GB (similar to RAR)

### After tar.gz Compression (-9)
- **Estimated:** ~8-12 GB (20-30% compression ratio)

---

## ⚑ Performance Tips

### For Faster Compression
```bash
# Use lower compression (faster)
rar a -m3 -s "archive.rar" directory/

# Use multi-threading (7zip)
7z a -mx=5 -mmt=on "archive.7z" directory/
```

### For Maximum Compression (Slower)
```bash
# RAR maximum
rar a -m5 -s "archive.rar" directory/

# 7zip maximum
7z a -mx=9 -m0=lzma2 "archive.7z" directory/
```

---

## βœ… Verification

### Check Archive Integrity
```bash
# RAR
unrar t mozdef-complete-YYYYMMDD.rar

# 7zip
7z t mozdef-complete-YYYYMMDD.7z
```

### List Archive Contents
```bash
# RAR
unrar l mozdef-complete-YYYYMMDD.rar

# 7zip
7z l mozdef-complete-YYYYMMDD.7z
```

### Check Archive Size
```bash
ls -lh mozdef-complete-*.rar
du -sh mozdef-complete-*.rar
```

---

## πŸ“ Script Usage

### RAR Archive Script
```bash
cd /root/MozDef
./archive_mozdef_rar.sh
```

**Output:**
- Creates: `~/mozdef-complete-YYYYMMDD.rar`
- Size: ~5-8 GB (compressed)
- Includes: Docker images, source code, documentation

### 7zip Archive Script (Alternative)
```bash
cd /root/MozDef
./archive_mozdef_7z.sh
```

**Output:**
- Creates: `~/mozdef-complete-YYYYMMDD.7z`
- Size: ~5-8 GB (compressed)

---

## πŸš€ Transferring RAR Archive

### USB Drive
```bash
cp mozdef-complete-*.rar /mnt/usb/
```

### Network Transfer
```bash
# SCP
scp mozdef-complete-*.rar user@target:/path/

# rsync (with progress)
rsync -avz --progress mozdef-complete-*.rar user@target:/path/
```

### Split Large Files (if needed)
```bash
# RAR automatically handles volumes with -v option
# Or manually split:
split -b 2G mozdef-complete.rar mozdef-complete.rar.part

# Reassemble:
cat mozdef-complete.rar.part* > mozdef-complete.rar
```

---

## πŸ“‹ Summary

**Best Method:** RAR with maximum compression
- **Script:** `./archive_mozdef_rar.sh`
- **Compression:** Maximum (-m5)
- **Recovery:** 10% recovery record
- **Estimated Size:** ~5-8 GB

**Alternative:** 7zip if RAR unavailable
- **Script:** `./archive_mozdef_7z.sh`
- **Compression:** Maximum (-mx=9)
- **Estimated Size:** ~5-8 GB

**Fallback:** tar.gz
- **Script:** `./archive_mozdef.sh`
- **Compression:** Best (-9)
- **Estimated Size:** ~8-12 GB

---

**Last Updated:** $(date)