Coder Social home page Coder Social logo

misp-docker's Introduction

MISP Docker

The files in this repository are used to create a Docker container running a MISP ("Malware Information Sharing Platform") instance.

All the required components (MySQL, Apache, Redis, ...) are running in a single Docker. At first run, most of the setup is automated but some small steps must be performed manually after the initial run.

The build is based on Ubuntu and will install all the required components. The following configuration steps are performed automatically:

  • Reconfiguration of the base URL in config.php
  • Generation of a new salt in config.php
  • Generation of a self-signed certificate and reconfiguration of the vhost to offer SSL support
  • Optimization of the PHP environment (php.ini) to match the MISP recommended values
  • Creation of the MySQL database
  • Generation of the admin PGP key

Building the image

# git clone https://github.com/lcpdn/misp-docker
# cd misp-docker
# docker build -t misp/misp --build-arg MYSQL_ROOT_PASSWORD=<mysql_root_pw> .

(Choose your MySQL root password at build time)

Running the image

First, create a configuration file which will contain your MySQL passwords:

# cat env.txt
MYSQL_ROOT_PASSWORD=my_strong_root_pw
MYSQL_MISP_PASSWORD=my_strong_misp_pw
[email protected]
MISP_ADMIN_PASSPHRASE=abc123
MISP_BASEURL=http:\/\/misp\.local

This file will help to customize your MISP instance.

  • MYSQL_*_PASSWORD are used to configured accesses to the database server
  • MISP_ADMIN_EMAIL is used to generate the PGP key (Don't forget to change it in the web interface)
  • MISP_ADMIN_PASSPHRASE is the passphrase associated to the PGP key
  • MISP_BASEURL is the URL that will be used to access the web interface. Please escape any caracters that could affect a regex.

Then boot the container:

# docker run -d -p 443:443 -v /dev/urandom:/dev/random --env-file=env.txt --restart=always --name misp misp/misp

Note: the volume mapping is /dev/urandom is required to generate enough entropy to create the PGP key.

Post-boot steps

Once the container started, connect to it:

# docker exec -it misp bash

Then, perform the following steps:

  • Change the admin email address to the one specify in your env.txt file
  • Reconfigure the Postfix instance

Usage

Point your browser to https://<your-docker-server>. The default credentials remain the same: [email protected] with admin as password. To use MISP, refer to the official documentation: https://github.com/MISP/MISP/blob/2.4/INSTALL/documentation.pdf

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.