Skip to content
This repository has been archived by the owner on Apr 20, 2022. It is now read-only.

Latest commit

 

History

History
136 lines (108 loc) · 4.33 KB

README_CN.md

File metadata and controls

136 lines (108 loc) · 4.33 KB
Raw

DongTai-engine

license Apache-2.0 GitHub stars GitHub forks GitHub Contributors

django-project Release DongTai Engine Github Version Release downloads

English

项目介绍

DongTai-Engine用于处理DongTai探针采集到的数据,功能如下:

  1. 根据方法池数据和污点跟踪算法分析HTTP/HTTPS/RPC请求中是否存在漏洞
  2. 定期处理漏洞验证请求
  3. 定期更新组件中存在的漏洞
  4. 定期清理过期的日志数据
  5. 定期维护探针检测引擎的状态

部署方案

基础服务:MySql、Redis

基础服务配置如下:

服务名称 地址 端口 其他配置
MySql 127.0.0.1 3306 账号:dongtai
密码:dongtai-iast
库名:dongtai_webapi
Redis 127.0.0.1 6379 密码:123456
Redis库:0

官方镜像部署

  1. 拉取官方镜像
$ docker pull registry.cn-beijing.aliyuncs.com/secnium/iast-saas-engine:latest
  1. 创建配置文件:/etc/dongtai/config.ini,内容如下:
[mysql]
host = 127.0.0.1
port = 3306
name = dongtai_webapi
user = dongtai
password = dongtai-iast

[redis]
host = 127.0.0.1
port = 6379
password = 123456
db = 0

; 下面的内容未使用,保持默认
[engine]
url = http://engine_url

[smtp]
server = server
user = user
password = password
from_addr = from_addr
ssl = False
cc_addr = cc_addr

[aliyun_oss]
access_key = access_key
access_key_secret = access_key
  1. 启动dongtai-engine容器并映射配置文件
$ docker run -d --name dongtai-engine -v /etc/dongtai/config.ini:/opt/dongtai/engine/conf/config.ini --restart=always secnium/iast-saas-engine:latest
  1. 启动dongtai-engine-task容器并映射配置文件
$ docker run -d --name dongtai-engine-task -v /etc/dongtai/config.ini:/opt/dongtai/engine/conf/config.ini --restart=always secnium/iast-saas-engine:latest bash /opt/dongtai/engine/docker/entrypoint.sh

构建镜像部署

  1. 构建镜像
$ docker build -t secnium/iast-saas-engine:latest .
  1. 创建配置文件:/etc/dongtai/config.ini,内容如下:
[mysql]
host = 127.0.0.1
port = 3306
name = dongtai_webapi
user = dongtai
password = dongtai-iast

[redis]
host = 127.0.0.1
port = 6379
password = 123456
db = 0

; 下面的内容未使用,保持默认
[engine]
url = http://engine_url

[smtp]
server = server
user = user
password = password
from_addr = from_addr
ssl = False
cc_addr = cc_addr

[aliyun_oss]
access_key = access_key
access_key_secret = access_key
  1. 启动dongtai-engine容器并映射配置文件
$ docker run -d --name dongtai-engine -v /etc/dongtai/config.ini:/opt/dongtai/engine/conf/config.ini --restart=always secnium/iast-saas-engine:latest
  1. 启动dongtai-engine-task容器并映射配置文件
$ docker run -d --name dongtai-engine-task -v /etc/dongtai/config.ini:/opt/dongtai/engine/conf/config.ini --restart=always secnium/iast-saas-engine:latest bash /opt/dongtai/engine/docker/entrypoint.sh

文档