Ravenports/vulnerability_server

vulnerability_server

National Vulnerability Database server for Ravenports

MySQL Schema

Table structure for table cpe_versions

CREATE TABLE `cpe_versions` (
  `cpe_id` int(11) NOT NULL AUTO_INCREMENT,
  `cpe_string` tinytext NOT NULL,
  `last_seen` datetime NOT NULL,
  PRIMARY KEY (`cpe_id`),
  UNIQUE KEY `cpe_string_UNIQUE` (`cpe_string`) USING HASH
) ENGINE=InnoDB AUTO_INCREMENT=1203 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_uca1400_ai_ci;

Table structure for table cve

CREATE TABLE `cve` (
  `cve_index` int(11) NOT NULL AUTO_INCREMENT,
  `cve_id` tinytext NOT NULL,
  `published` datetime NOT NULL,
  `modified` datetime NOT NULL,
  `description` mediumtext NOT NULL,
  `csvv_version` tinyint(4) DEFAULT NULL,
  `csvv_basescore` tinyint(4) DEFAULT NULL,
  `csvv_exploit` tinyint(4) DEFAULT NULL,
  `csvv_impact` tinyint(4) DEFAULT NULL,
  `csvv_vector` tinytext DEFAULT NULL,
  PRIMARY KEY (`cve_index`),
  UNIQUE KEY `cve_name_UNIQUE` (`cve_id`) USING HASH
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_uca1400_ai_ci;

Table structure for table vulnerability_map

CREATE TABLE `vulnerability_map` (
  `cpe_id` int(11) NOT NULL,
  `cve_index` int(11) NOT NULL,
  PRIMARY KEY (`cpe_id`,`cve_index`),
  KEY `fk_cve` (`cve_index`),
  CONSTRAINT `fk_cpe` FOREIGN KEY (`cpe_id`) REFERENCES `cpe_versions` (`cpe_id`) ON DELETE CASCADE ON UPDATE NO ACTION,
  CONSTRAINT `fk_cve` FOREIGN KEY (`cve_index`) REFERENCES `cve` (`cve_index`) ON DELETE CASCADE ON UPDATE NO ACTION
) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_uca1400_ai_ci;
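The following is an added example, not code from the vulnerability_server repository. It shows how the three tables above relate: a CPE string is resolved to its CVEs through `vulnerability_map`, and deleting a CPE row removes its mappings through the `fk_cpe` cascade. The sample rows, the placeholder CVE ids, the score values and the 30-day cutoff are constructed assumptions.

```sql
-- Added example, not from the vulnerability_server repository.
-- Run on a scratch copy of the schema; all sample values are constructed
-- and the transaction is rolled back at the end.
START TRANSACTION;

-- One constructed CPE entry, last seen 45 days ago.
SET @cpe = 'cpe:2.3:a:example:examplepkg:1.0.0:*:*:*:*:*:*:*';
INSERT INTO cpe_versions (cpe_string, last_seen)
VALUES (@cpe, NOW() - INTERVAL 45 DAY);
SET @cpe_id = LAST_INSERT_ID();

-- Two constructed CVE rows (placeholder ids, not real CVEs; scores arbitrary).
INSERT INTO cve (cve_id, published, modified, description, csvv_basescore)
VALUES ('CVE-0000-00001', '2000-01-01', '2000-01-02', 'constructed sample A', 9);
SET @cve_a = LAST_INSERT_ID();
INSERT INTO cve (cve_id, published, modified, description, csvv_basescore)
VALUES ('CVE-0000-00002', '2000-02-01', '2000-02-02', 'constructed sample B', 5);
SET @cve_b = LAST_INSERT_ID();

-- Link both CVEs to the CPE through the mapping table.
INSERT INTO vulnerability_map (cpe_id, cve_index)
VALUES (@cpe_id, @cve_a), (@cpe_id, @cve_b);

-- Lookup: every CVE mapped to one CPE string, highest base score first.
-- The CPE string is bound as a parameter, never concatenated into the SQL text.
PREPARE cves_for_cpe FROM
  'SELECT c.cve_id, c.published, c.csvv_basescore, c.csvv_vector
     FROM cpe_versions v
     JOIN vulnerability_map m ON m.cpe_id = v.cpe_id
     JOIN cve c ON c.cve_index = m.cve_index
    WHERE v.cpe_string = ?
    ORDER BY c.csvv_basescore DESC, c.published DESC';
EXECUTE cves_for_cpe USING @cpe;
DEALLOCATE PREPARE cves_for_cpe;

-- Pruning: drop the sample CPE if it has not been seen for 30 days
-- (cutoff is an assumption). fk_cpe ON DELETE CASCADE removes its
-- vulnerability_map rows; the cve rows themselves are not touched.
DELETE FROM cpe_versions
 WHERE cpe_id = @cpe_id AND last_seen < NOW() - INTERVAL 30 DAY;
SELECT COUNT(*) AS remaining_map_rows
  FROM vulnerability_map WHERE cpe_id = @cpe_id;

ROLLBACK;
```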

MySQL credentials file

Name

/raven/etc/vuln.conf

Contents

The "nvd" section is optional. It stores the NVD API key.

schema: <name of MySQL database>
credentials:
    user: <user>
    password: <pass>
server:
    host: <IP address or domain name>
    port: <port>
nvd:
    apikey: <nvd-provided key>

How to set up periodic for Ravenports

/etc/periodic.conf

Add one of the following versions of this line to /etc/periodic.conf:

local_periodic="/usr/local/etc/periodic /raven/etc/periodic"
local_periodic="/raven/etc/periodic"

Then add this line:

daily_rp_audit_enable="YES"

How to set up a cron task (instead of periodic)

Update the crontab to refresh the Ravenports vulnerability database daily

Add the last line below to the end of /var/cron/tabs/root, or use "crontab -e" as root:

#minute hour    mday    month   wday    command
5       21      *       *       *       /raven/sbin/rpaudit.sh

Rotating Ravenports Audit logs daily with compression

Add to end of /etc/newsyslog.conf:

<include> /raven/etc/newsyslog.conf.d/*

Contents of /raven/etc/newsyslog.conf.d/rpaudit.conf:

# logfilename          [owner:group]    mode count size when  flags [/pid_file] [sig_num]
/var/log/rpaudit.log                    640  7     *    @T20  ZN
