
vulnswatch's Introduction

VulnsWatch

keeps track of known vulnerabilities in your systems.

Deployment

Vulnswatch is a Rails app depending on two databases. CouchDB and PostgreSQL have to be installed and configured.

CouchDB

Install CouchDB 2.1 or newer, see here: http://couchdb.apache.org/ Then configure it in config.yml. Admin access is not required, but the user has to have rights to change the database structure in CouchDB.

Log in to Fauxton ( http://127.0.0.1:5984/_utils/# ) and create a database there. The standard name, as in couch.yml, is cves.

VulnsWatch will create design documents there.

If you install CouchDB on the same machine, make sure to configure it not to consume all the resources of the machine and to leave some for the Rails app.

Rails App

The Ruby on Rails app can then be installed in the normal way. We used Phusion Passenger and nginx; see the example below. Other setups should work too. We also used RVM and Ruby 2.3.1.

This is how the Rails app is installed:

gem install bundler
bundle install --with production --force
export RAILS_ENV=production
source ~/.secrets.sh # where environment variables are set!
rails assets:precompile
rails db:migrate

Getting Data

The data in the app is loaded from the NVD database. To load a specific year, visit this route:

http://whereyouapp.is/nvd_load_year/2018

Replace 2018 with the year you want to start with. Then repeat the process with the consecutive years.

Finally, load the last delta into the app by visiting:

http://whereyouapp.is/nvd_update

Visiting this URL from time to time will update your database of vulnerabilities. Vulnswatch will remind you if the last update is too old.

Example Passenger Configuration

This is how we configure nginx and passenger:

user    www-data;
worker_processes  1;
pid        logs/nginx.pid;

events {
    worker_connections  1024;
}


http {
    passenger_root /home/deploy/.rvm/gems/ruby-2.3.1/gems/passenger-5.1.11;
    passenger_ruby /home/deploy/.rvm/gems/ruby-2.3.1/wrappers/ruby;

    include       mime.types;
    default_type  application/octet-stream;


    sendfile        on;
    keepalive_timeout  65;

    server {
        listen       80;
        server_name  vulnswatch.genua.de;
        listen 443 ssl;
        ssl_certificate /opt/nginx/ssl/vulnswatch.genua.de.pem;
        ssl_certificate_key /opt/nginx/ssl/nginx.key;

        passenger_enabled on;
        rails_env    production;
        root /home/deploy/vulnswatch/public;
        location / { passenger_enabled on; }
    }
}

vulnswatch's People

Contributors

qutorial


vulnswatch's Issues

Bulk reaction

Select many vulnerabilities and do a bulk reaction.

Filtering after selecting a project does not work

This is because the select reloads the page, and the filtering click is forgotten if it happens
to occur before the new page is loaded.

A solution might be to display a waiting animation before reload.

Active landing page

A landing page allows an unregistered user to check quickly for his vulnerabilities.
Registration is offered later.

Searching for exact match

Add operators to the search.
E.g. "Apache 2." will search for the exact string.
-'Apache 1' will delete Apache 1 from the search.

Other operators such as 'and' and 'or' are not planned yet.
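As an added example (not code from the VulnsWatch project), this is one way the proposed operators could be parsed and applied: a quoted term is an exact, case-sensitive substring match, a leading - excludes the term, and bare words match as whole words. The sample summaries are constructed stand-ins for NVD descriptions.

```ruby
require 'strscan'

SearchTerm = Struct.new(:text, :exact, :negated)

# Split a query such as  "Apache 2." -'Apache 1' dos  into SearchTerm structs.
def parse_query(query)
  terms = []
  s = StringScanner.new(query)
  until s.eos?
    s.skip(/\s+/)
    break if s.eos?
    negated = !s.scan(/-/).nil?            # leading '-' excludes the term
    if (quoted = s.scan(/"[^"]*"|'[^']*'/)) # "..." or '...' is an exact phrase
      terms << SearchTerm.new(quoted[1..-2], true, negated)
    elsif (word = s.scan(/\S+/))            # bare word
      terms << SearchTerm.new(word, false, negated)
    end
  end
  terms
end

# True when every positive term matches the summary and no negated term does.
def summary_matches?(summary, terms)
  terms.all? do |t|
    hit = if t.exact
            summary.include?(t.text)                       # exact, case-sensitive
          else
            summary.match?(/\b#{Regexp.escape(t.text)}\b/i) # whole word, any case
          end
    t.negated ? !hit : hit
  end
end

# Constructed sample summaries standing in for NVD descriptions.
SUMMARIES = [
  'Apache 2.4.29 mod_http2 denial of service',
  'Apache 1.3.42 mod_rewrite buffer overflow',
  'apache tomcat 8.5 information disclosure',
].freeze

def search(query)
  terms = parse_query(query)
  SUMMARIES.select { |summary| summary_matches?(summary, terms) }
end
```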

Save sorting and filtering

For the user to go back to the vulns view and see the same results as before,
save the sorting and filtering params in the session.

Make non js version better

The non-JS version shall not show pages at all when possible.
Make sure Turbolinks and Bootstrap work right without JS.

New ||=

In the new controller methods account for an error case.

Then the object worked upon is also set, so you do object ||= Object.new instead of a simple assignment.

Reports for customers

Deliver a printable report for the customer given a number of selected vulnerabilities.
The customer must learn from the report what the status of fixing them is.

Tag over summary

Now tags are prioritized by the relevance algorithm over summary.
In other words, when there is a tag on vulnerability, the summary is ignored completely.

If somebody tags a relevant vulnerability with a wrong tag, maybe maliciously even,
then the vulnerability will disappear from the relevant vulnerabilities list.

Import project from file

A file is given, like a Gemfile, which describes a project.
Systems are taken from this file.

Documentation

Decide on the documentation format and produce first docu.

Think of linking docu in the app. Like (i) signs where a user can check, what a field is or similar.

Account for software versions

If somebody writes 'squid 3' in the project description, nothing gets found.
The software shall understand that numbers are usually version information and take care of them.
Now 'squid 3' is not found when the summary has 'squid 3.0', as '.' is a 'word' character, so the regex for relevance rejects it.
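As an added example (not code from the VulnsWatch project), the following reconstructs the problem this issue describes and one version-aware fix. The naive matcher assumes, as the issue states, that the relevance regex counts '.' as a word character; the version-aware matcher splits a trailing number off the description and matches it as a version prefix, so 'squid 3' finds 'squid 3.0' and 'squid 3.1.2' but not 'squid 30' or 'squid 4.1'.

```ruby
# Reconstruction of the current behaviour (assumption: '.' is treated as a word
# character, so the '3' in 'squid 3.0' is not recognised as the end of a token).
def naive_relevant?(summary, description)
  term = Regexp.escape(description)
  summary.match?(/(?<![\w.])#{term}(?![\w.])/i)
end

# Split 'squid 3.1' into ['squid', '3.1']; a description without a trailing
# version number yields a nil version.
def split_version(description)
  m = description.strip.match(/\A(.+?)\s+(\d+(?:\.\d+)*)\z/)
  m ? [m[1], m[2]] : [description.strip, nil]
end

# Version-aware relevance: the version found in the summary must start with the
# requested one and may only continue with further dotted components.
def version_aware_relevant?(summary, description)
  name, version = split_version(description)
  name_re = Regexp.escape(name)
  if version
    ver_re = Regexp.escape(version)
    summary.match?(/\b#{name_re}\s+v?#{ver_re}(?:\.\d+)*(?![\w.])/i)
  else
    summary.match?(/\b#{name_re}\b/i)
  end
end

# Constructed sample summary, standing in for an NVD description.
SAMPLE_SUMMARY = 'Squid 3.0 before 3.0.STABLE2 allows remote attackers to cause a denial of service'

def compare_matchers(description)
  {
    naive: naive_relevant?(SAMPLE_SUMMARY, description),
    version_aware: version_aware_relevant?(SAMPLE_SUMMARY, description),
  }
end
```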

Speed up relevant search

It is possible to implement lazy summary matching, probably building it into an Enumerable.
Pagination still needs the count.
Tags solve the problem to some extent.
Maybe separate the features of searching in the summary and in tags?

Teams

Introduce teams.
Users can belong to a team.
Members of the same team can see what others have done: reactions and tags.

Add integration with ticketing systems

Fixing process in the ticketing system might be tracked and reported in the reaction.
E.g. a new field in the table tells if the related issue in the ticketing system was resolved.

Tags for affected components

Instead of a text field for affected components, make tags so that everybody could
tag a vulnerability with the component he thinks is affected.

Redirect on Login

Should probably go to relevant vulnerabilities, or to a new project page, when there is no project.

Clearing strict search

When the search criteria are too strict, no vulns are found. Offer to clear the search in the
message that no vulnerabilities are found.

Strip spaces from tags

If the user puts leading or trailing spaces in tag components, they shall be stripped.

Support groups and collaboration

An owner of the project might make it private or public for read access.
He can invite people to the project with different roles.

Make e-mails work

Mailing is not enabled now on Heroku.
Make it work in production.
