ioc2rpz.dc's Introduction

ioc2rpz.dc

Short summary

ioc2rpz™: The DNS Security Solution - ioc2rpz™ is a powerful DNS server that transforms threat indicators into actionable Response Policy Zone (RPZ) feeds. It automates the update process, ensuring your network is protected against the latest threats, including malicious domains and IP addresses. By converting IOC feeds into RPZs, ioc2rpz™ acts as a crucial link between threat intelligence and DNS security, compatible with RPZ-supporting DNS servers like ISC Bind or PowerDNS.

Overview

Easily run ioc2rpz™ and ioc2rpz.gui on Docker with Docker Compose. ioc2rpz™ ships with preconfigured RPZ feeds based on open source threat intelligence (OSINT).

Prerequisites

  • ioc2rpz™ and ioc2rpz.gui use the following ports: 53/udp, 53/tcp, 853/tcp, 80/tcp, 443/tcp, 8443/tcp. Ensure that no other services are using these ports.
  • Recent releases of Docker and Docker Compose.

Configuration

Clone the repository to the directory where you want to deploy the service. On the first service start, the ioc2rpz.gui startup script creates the following directories:

  • ioc2rpz/cfg - ioc2rpz™ configuration file, a sample whitelist, and a temporary SSL certificate and key;
  • ioc2rpz/db - configuration database;
  • ioc2rpz/ssl - certificates for ioc2rpz.gui.

Start ioc2rpz™ service

To start the service execute the following command:

sudo docker-compose up -d

Refer to the Docker Compose documentation to learn how to restart or stop the service and clean up.

Do you want to support the project?

You can support the project via GitHub Sponsors (recurring payments) or make a one-time donation via PayPal.

Contact us

You can contact us by email: feedback(at)ioc2rpz[.]net or in Telegram.

License

Copyright 2017 - 2024 Vadim Pavlov ioc2rpz[at]gmail[.]com

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0  

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

ioc2rpz.dc's Issues

Option to set ioc2rpz.gui HostIP to 127.0.0.1 instead of 0.0.0.0?

How would one go about changing the default HostIP for ioc2rpz.gui when using docker-compose? This is related to: Homas/ioc2rpz#43

I run ioc2rpz behind Nginx to apply LDAP auth via Keycloak, hence ioc2rpz.gui is set to listen to localhost and Nginx acts as a reverse proxy. I now manually edit the hostconfig.json file of the docker image, but I fear this will be broken if I update the image.

[...]
"PortBindings":{
    "443/tcp":[{"HostIp":"127.0.0.1","HostPort":"443"}],
    "80/tcp":[{"HostIp":"127.0.0.1","HostPort":"80"}]},
[...]
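
A check for the exposure this issue is about, as an added example that is not part of the original issue or of the project's code: it reads a PortBindings object in the format quoted above and reports any binding of a proxy-fronted port that is published on a non-loopback interface. The sample data and the function names are constructed for illustration.

```python
import ipaddress
import json

# Constructed sample in the same shape as the PortBindings snippet quoted in
# the issue; the values are made up for this example.
SAMPLE_HOSTCONFIG = json.loads("""
{
  "PortBindings": {
    "443/tcp": [{"HostIp": "127.0.0.1", "HostPort": "443"}],
    "80/tcp":  [{"HostIp": "", "HostPort": "80"}],
    "53/udp":  [{"HostIp": "0.0.0.0", "HostPort": "53"}]
  }
}
""")


def is_loopback(host_ip: str) -> bool:
    """True only for an explicit loopback address (IPv4 or IPv6)."""
    if not host_ip:
        return False  # an empty HostIp publishes on all interfaces
    try:
        return ipaddress.ip_address(host_ip).is_loopback
    except ValueError:
        return False  # unparsable value: treat as exposed


def exposed_bindings(hostconfig: dict, loopback_only: set[str]) -> list[tuple[str, str, str]]:
    """Return (container_port, host_ip, host_port) for each binding of a port
    in loopback_only that is reachable on a non-loopback interface."""
    findings = []
    bindings = hostconfig.get("PortBindings") or {}
    for container_port, targets in sorted(bindings.items()):
        if container_port not in loopback_only:
            continue  # e.g. DNS ports that are meant to be reachable
        for target in targets or []:
            host_ip = target.get("HostIp", "")
            if not is_loopback(host_ip):
                findings.append((container_port, host_ip, target.get("HostPort", "")))
    return findings


if __name__ == "__main__":
    # The GUI ports that should only be reachable through the reverse proxy.
    for port, ip, host_port in exposed_bindings(SAMPLE_HOSTCONFIG, {"80/tcp", "443/tcp"}):
        print(f"{port} published on {ip or 'all interfaces'}:{host_port}, bypassing the proxy")
```
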

~ioc2rpz failed to build~ What outbound firewall rules are needed?

Migrating to docker compose from images deployed two years ago, I get the following error during the ioc2rpz build:

Building ioc2rpz
Step 1/16 : FROM erlang:alpine
alpine: Pulling from library/erlang
96526aa774ef: Already exists
f1a0e614ce79: Pull complete
Digest: sha256:3a4a46200b33df3f81e214c5350fc1e4895650e81387da20613380f5e30ed092
Status: Downloaded newer image for erlang:alpine
 ---> 5ef3b4778c19
Step 2/16 : MAINTAINER Vadim Pavlov<[email protected]>
 ---> Running in b09acddf1cf3
Removing intermediate container b09acddf1cf3
 ---> 008919ee1ced
Step 3/16 : WORKDIR /opt/ioc2rpz
 ---> Running in cb88e9078832
Removing intermediate container cb88e9078832
 ---> ce860c8368f0
Step 4/16 : RUN mkdir -p /opt/ioc2rpz/cfg /opt/ioc2rpz/ssl /opt/ioc2rpz/db /opt/ioc2rpz/include /opt/ioc2rpz/src /opt/ioc2rpz/log && apk add bind-tools curl python3 gawk php lftp ripgrep
 ---> Running in befc5cee7b1c
fetch https://dl-cdn.alpinelinux.org/alpine/v3.18/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.18/community/x86_64/APKINDEX.tar.gz
(1/37) Installing fstrm (0.6.1-r2)
(2/37) Installing krb5-conf (1.0-r2)
(3/37) Installing libcom_err (1.47.0-r2)
(4/37) Installing keyutils-libs (1.6.3-r3)
(5/37) Installing libverto (0.3.2-r2)
(6/37) Installing krb5-libs (1.20.1-r1)
(7/37) Installing nghttp2-libs (1.57.0-r0)
(8/37) Installing protobuf-c (1.4.1-r2)
(9/37) Installing libuv (1.44.2-r2)
(10/37) Installing xz-libs (5.4.3-r0)
(11/37) Installing libxml2 (2.11.4-r0)
(12/37) Installing bind-libs (9.18.19-r0)
(13/37) Installing bind-tools (9.18.19-r0)
(14/37) Installing brotli-libs (1.0.9-r14)
(15/37) Installing libunistring (1.1-r1)
(16/37) Installing libidn2 (2.3.4-r1)
(17/37) Installing libcurl (8.4.0-r0)
(18/37) Installing curl (8.4.0-r0)
(19/37) Installing gawk (5.2.2-r0)
(20/37) Installing lftp (4.9.2-r5)
(21/37) Installing php81-common (8.1.25-r0)
(22/37) Installing argon2-libs (20190702-r4)
(23/37) Installing libedit (20221030.3.1-r1)
(24/37) Installing pcre2 (10.42-r1)
(25/37) Installing php81 (8.1.25-r0)
(26/37) Installing libbz2 (1.0.8-r5)
(27/37) Installing libexpat (2.5.0-r1)
(28/37) Installing libffi (3.4.4-r2)
(29/37) Installing gdbm (1.23-r1)
(30/37) Installing mpdecimal (2.5.1-r2)
(31/37) Installing libpanelw (6.4_p20230506-r0)
(32/37) Installing sqlite-libs (3.41.2-r2)
(33/37) Installing python3 (3.11.6-r0)
(34/37) Installing python3-pycache-pyc0 (3.11.6-r0)
(35/37) Installing pyc (0.1-r0)
(36/37) Installing python3-pyc (3.11.6-r0)
(37/37) Installing ripgrep (13.0.0-r3)
Executing busybox-1.36.1-r2.trigger
OK: 77 MiB in 62 packages
Removing intermediate container befc5cee7b1c
 ---> d18fde43597c
Step 5/16 : ADD src/* /opt/ioc2rpz/src/
 ---> 0836cfd86dc1
Step 6/16 : ADD include/* /opt/ioc2rpz/include/
 ---> ac042404ab26
Step 7/16 : ADD config/* /opt/ioc2rpz/config/
 ---> cb7ec1bef182
Step 8/16 : ADD rebar.config /opt/ioc2rpz/
 ---> 062f9a086d55
Step 9/16 : RUN rebar3 eunit && rebar3 release -d false
 ---> Running in 8bdfb1fd88ed
===> Verifying dependencies...
===> Failed to update package cowboy from repo hexpm
===> Package not found in any repo: cowboy 2.9.0
ERROR: Service 'ioc2rpz' failed to build: The command '/bin/sh -c rebar3 eunit && rebar3 release -d false' returned a non-zero code: 1
