Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Activity
    TheOfficalNick
    @TheOfficalNick
    Hi all. I am having issues with a cronjob for my MISP instance which is dockerized. I am rather sure its something stupid I am doing. The script works fine if you manually fire it. Here is a link to the Microsoft documentation that I followed https://github.com/microsoftgraph/security-api-solutions/blob/master/Samples/MISP/README.md Here is my cronjob 30 0,4,8.12,16,20 * /var/www/MISP/security-api-solutions/Samples/MISP/python3 script.sh
    Anders Einar (Kagee)
    @hildenae:matrix.org
    [m]
    So maybe someone else don't have to go throught this - on debian 11, you need libldap-common for ldaps. ldap without the s works fine, and ldap_bind gives useless error messages with ldaps.
    re the coolacid docker upgrading to debian 11
    spexboy
    @spexboy
    nginx: [emerg] too long parameter "##########..." started in /etc/nginx/sites-enabled/misp:3
    Getting this error when i try to restart the nginx.
    a-ml
    @a-ml
    anyone successful running misp docker on M1?
    Weliton Souza
    @ServSlack
    Can you specify what is M1 ?
    a-ml
    @a-ml
    MacBook with M1 ship
    Weliton Souza
    @ServSlack
    I think that if you can install Docker inside you MAC, probably you are able to run MISP there.
    a-ml
    @a-ml
    Yes I know that... but seems that the docker image doesn't support ARM64 processor
    Weliton Souza
    @ServSlack
    Maybe you can use VIRTUALBOX and inside there use a AMD64 VM to use and do your tests.
    a-ml
    @a-ml
    Virtualbox isn't an emulator... so if I install VB on ARM64 which is not supported at moment, I would no be able to use a AMD, since VB isn't an emulator.
    anyway thank you
    Anders Einar (Kagee)
    @hildenae:matrix.org
    [m]
    MISP is just PHP (and python) code. So as long as you can get a working webserver, PHP and python inside a docker or straight on the host, you can run MISP
    Fukusuke Takahashi
    @fukusuket
    @a-ml I can run docker misp on M1 MacBook air as follows.
    https://github.com/MISP/misp-docker/issues/141#issuecomment-1172992220
    Anders Einar (Kagee)
    @hildenae:matrix.org
    [m]
    @coolacid: hmm, have you managed to build the docker on *.159 ?
    Anders Einar (Kagee)
    @hildenae:matrix.org
    [m]
    i get here
    Step 36/55 : COPY --from=composer-build /tmp/Vendor /var/www/MISP/app/Vendor
     ---> 7f6834a577d1
    Step 37/55 : COPY --from=composer-build /tmp/Plugin /var/www/MISP/app/Plugin
    COPY failed: stat tmp/Plugin: file does not exist
    Anders Einar (Kagee)
    @hildenae:matrix.org
    [m]
    composer/installers contains a Composer plugin which is blocked by your allow-plugins config. You may add it to the list if you consider it safe. See https://getcomposer.org/allow-plugins
    You can run "composer config --no-plugins allow-plugins.composer/installers [true|false]" to enable it (true) or keep it disabled and suppress this warning (false)
    Anders Einar (Kagee)
    @hildenae:matrix.org
    [m]
    @coolacid: PR coolacid/docker-misp#179
    edwin3746
    @edwin3746
    HI, is there a way to change the default listening port in MISP's docker compose.yml to something other than port 80?
    4 replies
    luciano (righel)
    @luciano:matrix.circl.lu
    [m]
    edwin3746
    @edwin3746
    hmm..it says the site cant be reached (localhost refused to connect.)
    luciano (righel)
    @luciano:matrix.circl.lu
    [m]
    checking
    Anders Einar (Kagee)
    @hildenae:matrix.org
    [m]
    You just removed the line 31 correct, you didn't change it to something else?
    edwin3746
    @edwin3746
    yes, my ports: section only has "443:443" now
    luciano (righel)
    @luciano:matrix.circl.lu
    [m]
    works without issues for me.
    edwin3746
    @edwin3746
    let me try again
    luciano (righel)
    @luciano:matrix.circl.lu
    [m]
    maybe you tried browsing the page before the containers finished the bootstrap?
    edwin3746
    @edwin3746
    hmm its possible
    image.png
    did you receive this
    luciano (righel)
    @luciano:matrix.circl.lu
    [m]
    yes
    default certificates are self-signed, you can replace them with lets encrypt ones if you want
    edwin3746
    @edwin3746
    ahhh i see
    so after replacing them with a generated certificate of my own, it would be secured?
    luciano (righel)
    @luciano:matrix.circl.lu
    [m]
    yes
    edwin3746
    @edwin3746
    I see. Thank you all so much. Have been a great help
    luciano (righel)
    @luciano:matrix.circl.lu
    [m]
    you should place your certificates in the ssl directory
    edwin3746
    @edwin3746
    gotcha :)
    David Decker
    @xfaith
    Trying to to use run misp-docker with portainer, getting an error misp:latest image does not exist.
    edwin3746
    @edwin3746

    hi, does anyone know why the 'baseurl' field in my MISP config.php file keeps reverting to default after i stop and start my AWS instance?

    MISP is on docker, and started using docker compose up

    2 replies
    luciano (righel)
    @luciano:matrix.circl.lu
    [m]
    You can create a docker-compose.override.yml file and specify the baseurl you want to remain after re-launching the containers.
    see: https://github.com/coolacid/docker-misp/blob/master/docker-compose.yml#L40
    Your docker-compose.override.yml file should look something like this:
    version: '3'
    services:
      misp:
        environment:
          - "HOSTNAME=https://PUT_YOUR_BASE_URL_HERE"
    edwin3746
    @edwin3746
    oh so the HOSTNAME field corresponds to the 'baseurl' filed in config.php. Didn't know that, thanks so much again!
    1 reply
    luciano (righel)
    @luciano:matrix.circl.lu
    [m]
    Anders Einar (Kagee)
    @hildenae:matrix.org
    [m]
    For those of you using a newer mysql/mariadb docker, and a an older database, maybe check for Incorrect definition of table mysql.*** in the db docker logs
    a mysql_upgrade -u root -p should fix it
    (or mariadb-upgrade, as it might be)