For Mac OS X, the unix-based BotHunter installer is primarily a terminal-based application (the EULA is its only GUI component and even that has a terminal-based implementation). It has two phases: (1) a root install, which creates a BotHunter-specific account and optionally installs BotHunter has a system service that automatically starts on reboot, and (2) a user install, which allows you to tune BotHunter's back-end settings. With the exception of how to start a terminal session and your having to log into the newly created BotHunter-specific account, the instructions below are based on the BotHunter Users Manual Unix Release.

Your system should have a modern Intel Pentium-class or Motorola PowerPC processor, at least 1 GB RAM, and at least 1 Ethernet NIC/WIC for network monitoring.

Root privilege is required to install BotHunter.  BotHunter also requires Sun’s Java Runtime Environment (JRE) Release 1.5 or later.  

Apple’s Integrated Development Environment, Xcode, must be installed on your system; it may be obtained from http://developer.apple.com/tools/xcode/.

To perform the root install, create a Terminal window by selecting and opening the “Terminal” application from the “Applications”/“Utilities” folder. In the new window, type

and enter your account's password (— you need to run with root/adminstrator privileges to install BotHunter; you must also have XCode installed on your system). Then type


followed by a trailing space (‘ ’) but do not press <return>/<enter>. Locate your local copy of botHunterInstall.jar and drag and drop it into your Terminal window. This should result in something like


Press <return>/<enter>. Once you have accepted The EULA, answer the prompts in the Terminal window. After you've completed the root installation, (and assuming that you've created the default account, “cta-bh”) type


and enter a new password for this account.

To perform the user install, log out of your normal user account (— select the item “Log Out account” from the <Apple> menu) and then log into the new “Cyber-TA” account, using the password you had previously entered. Again, create a Terminal window via the Finder by selecting and opening the “Terminal” application from the “Applications”/“Utilities” folder. Like before, in the new window type

followed by a trailing space, locate your local copy of botHunterInstall.jar and drag and drop it into your Terminal window, and then press <return>/<enter>. Once you've accepted the EULA, you'll be presented with a set of user-specific prompts (— the defaults are typically sufficient).

Once you’ve started BotHunter, you may safely log out of the account.

To check BotHunter’s status, you may either create a Terminal window and type

followed by


If “Local text BotHunter profiles” is non-zero, examine the most recent version of “botHunterResults_date_time.txt” in the LIVEPIPE_CONFIG folder.

Or, to invoke the BotHunter GUI, log out of your normal account and log in to “Cyber-TA”^* and create a Terminal window.  In that window, type


and the BotHunter GUI will run. For information on the GUI, click here.

^* For tech weenies: The reason that you must log into the “cta-bh” account (cf. su’ing) is because /System/Library/CoreServices/pbs is bound to the (current) login user.  Without the pasteboard server, a graphical user interface application invoked by a different user will not function correctly for drag-and-drop and copy-and-paste operations.