search

eliasgranderubio / dagda

a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities
Apache License 2.0
1.16k stars 163 forks source link

MongoDB port to be changed to non-standard port. #38

Closed binoopnanu closed 6 years ago

binoopnanu commented 6 years ago

Short description

I was trying to deploy the dokcer-compose option on our environment, unfortunately I cant use the normal mongodb port 27017 as its in use already.. So for example I am using a host port 27018 and container port 27017.

Would it work ? We tried with some options without much luck. Please advice.

eliasgranderubio commented 6 years ago

Hi @binoopnanu ,

Probably, your docker environment has the icc=false configuration parameter setted, so your containers cannot communicate with others within the same host through docker bridge networks.

Despite of this, you can configure your docker-compose.yml like I show you below thanks to the unresolved issue 21990 of the Moby repository --> https://github.com/moby/moby/issues/21990

Please, test the next docker-compose.yml in your environment and let me know if your issue would be fixed :-)

version: '2'
services:
  dagda:
    build: .
    image: 3grander/dagda:0.8.0
    container_name: dagda
    entrypoint: python dagda.py start -s 0.0.0.0 -p 5000 -m 172.17.0.1 -mp 27018
    ports:
      - "5000:5000"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock:ro
      - /tmp:/tmp
    depends_on:
      - vulndb
  vulndb:
    image: mongo
    container_name: vulndb
    ports:
      - "27018:27017"
    volumes:
      - ./db:/data/db
binoopnanu commented 6 years ago

Hi @eliasgranderubio ,

I've used the new docker-compose file... the db has been updated.

bash-4.3# python3 dagda.py vuln --init_status { "status": "Updated", "timestamp": "2018-09-27 02:21:14.605383" } bash-4.3#

But I am getting a below error when I try to scan alpine image..

bash-4.3# python3 dagda.py history [ { "anomalies": 0, "image_name": "alpine", "libs_vulns": 0, "malware_bins": 0, "os_vulns": 0, "reportid": "5bb2a613d8b9180001b13fb1", "start_date": "2018-10-01 23:00:59.492841", "status": "Unexpected exception of type DagdaError occured: '4depcheck output file [/tmp/4depcheck/alpine.json] not found.'" } ] bash-4.3# python3 dagda.py history alpine --d "5bb2a613d8b9180001b13fb1" [ { "id": "5bb2a613d8b9180001b13fb1", "image_name": "alpine", "static_analysis": { "malware_binaries": [], "os_packages": { "ok_os_packages": 13, "os_packages_details": [ { "is_false_positive": false, "is_vulnerable": false, "product": "musl", "version": "1.1.19", "vulnerabilities": [] }, { "is_false_positive": false, "is_vulnerable": false, "product": "busybox", "version": "1.28.4", "vulnerabilities": [] }, { "is_false_positive": false, "is_vulnerable": false, "product": "alpine-baselayout", "version": "3.1.0", "vulnerabilities": [] }, { "is_false_positive": false, "is_vulnerable": false, "product": "alpine-keys", "version": "2.1", "vulnerabilities": [] }, { "is_false_positive": false, "is_vulnerable": false, "product": "libressl2.7-libcrypto", "version": "2.7.4", "vulnerabilities": [] }, { "is_false_positive": false, "is_vulnerable": false, "product": "libressl2.7-libssl", "version": "2.7.4", "vulnerabilities": [] }, { "is_false_positive": false, "is_vulnerable": false, "product": "libressl2.7-libtls", "version": "2.7.4", "vulnerabilities": [] }, { "is_false_positive": false, "is_vulnerable": false, "product": "ssl_client", "version": "1.28.4", "vulnerabilities": [] }, { "is_false_positive": false, "is_vulnerable": false, "product": "zlib", "version": "1.2.11", "vulnerabilities": [] }, { "is_false_positive": false, "is_vulnerable": false, "product": "apk-tools", "version": "2.10.1", "vulnerabilities": [] }, { "is_false_positive": false, "is_vulnerable": false, "product": "scanelf", "version": "1.2.3", "vulnerabilities": [] }, { "is_false_positive": false, "is_vulnerable": false, "product": "musl-utils", "version": "1.1.19", "vulnerabilities": [] }, { "is_false_positive": false, "is_vulnerable": false, "product": "libc-utils", "version": "0.7.1", "vulnerabilities": [] } ], "total_os_packages": 13, "vuln_os_packages": 0 }, "prog_lang_dependencies": { "dependencies_details": { "java": [], "js": [], "nodejs": [], "php": [], "python": [], "ruby": [] }, "vuln_dependencies": 0 } }, "status": "Unexpected exception of type DagdaError occured: '4depcheck output file [/tmp/4depcheck/alpine.json] not found.'", "timestamp": "2018-10-01 23:00:59.492841" } ] bash-4.3#

Any idea what could be the reason ?

eliasgranderubio commented 6 years ago

Hi @binoopnanu ,

If you have this error message, probably you have blocked the root user within containers execution in your environment. This issue is pending for fixed it in 4depcheck project:

If you run the same test in another environment, does dagda work fine? Could you inspect the docker logs for the 4depcheck containers?

eliasgranderubio commented 6 years ago

Hi @binoopnanu,

Could you give me any feedback about this issue?

eliasgranderubio commented 6 years ago

I close this issue because I have not any feedback about it for a long time.

Please, if the error persists, reopen it.