aau-network-security / gollector
Application for retrieving and storing domain names from various sources
License: GNU General Public License v3.0
add the item to the cache:
As suggested by @mrturkmen06, I am reporting this problem.
Running tests on CI with this parameter, run: go test -v --race ./...
gives back the following error:
https://github.com/aau-network-security/gollector/runs/689914296?check_suite_focus=true#step:6:68
With some high-performant IPC communication between a process and a cache container (high throughput => 100,000 messages per second, low latency => (far) under ms), it would be possible to run multiple measurements simultaneously.
+------------------+           +------------------+
|                  |           |                  |
|    Process 1     |           |    Process 2     |
|                  |           |                  |
|  +------------+  |           |  +------------+  |
|  |            |  |           |  |            |  |
|  |   Cache    |  |           |  |   Cache    |  |
|  |            |  |           |  |            |  |
+--+------+-----+--+           +--+-----+------+--+
          |                             |
          |                             |
          |                             |
          |                             |
          |                             |
          +--------------+--------------+
                         |
                 +-------+--------+
                 |                |
                 |   Persistent   |
                 |                |
                 +----------------+

+------------------+           +------------------+
|                  |           |                  |
|    Process 1     |           |    Process 2     |
|                  |           |                  |
+-------+----------+           +---------+--------+
        |                                |
        +--------------+    +------------+
                       |    |   High performant IPC
                       |    |
                 +-----+----+-----+
                 |                |
                 |     Cache      |
                 |                |
                 +-------+--------+
                         |
                         |   Asynchronous, but reliable
                 +-------+--------+
                 |                |
                 |   Persistent   |
                 |                |
                 +----------------+
Error messages are somewhat difficult to debug otherwise
When running the cache over TLS, the certmagic lib automatically obtains certificates. The issued certificates are stored on disk, but because we currently do not mount a volume to persist those certificates, they disappear whenever the container is closed, and with a restart a new cert is issued. As a result, the rate limit of Let's Encrypt may be hit, locking us out of running on TLS for a few days.
The docker-compose config should mount a volume to the correct location where the certs are stored by certmagic
skip query db if the cache size is not reached
I am not convinced the current implementation is correct. The only zone file accessible over FTP is the .com one
Right now, I believe gollector does not handle renewal of certificates by certmagic. Only relevant when the cache is running for a long time
There exists a "zonediffer" and a "zones" collector and one of them is supported whereas the other is not.
I think there is a problem with retrieving the last stored certificate from the DB. I guess this function doesn't work very well (https://github.com/aau-network-security/gollector/blob/master/app/ct/main.go#L135).
The way ct should work: it should insert (n) certificates in the DB every time it is run. The function linked above should get the last entered certificate from the DB in order to scan the next (n) certificates from that one.
The way ct is working right now: the first time I run ct it enters the first 100 certificates. Running it again, it doesn't store the next 100 certificates in the DB.
The function linked above gives back an error in the tests too:
https://github.com/aau-network-security/gollector/pull/39/checks#step:6:111
It might be useful to retrieve the current state of the entries contained in the cache process via gRPC. To go even further, a monitoring tool can read this state and visualize the growth of the number of entries over time.
We should probably consider using an LRU cache, instead of caching everything.
Somehow Golang does not manage to read environment variables
Make sure the implementation about CT logs works for all the collectors component we have
This results in the failure to download some zone files, and wrong last_seen dates
Use just a library to interact with the DB. pq should be the best on
docker-compose requires all environment variables to be set, even when building the application, which is unnecessary. We should move the environment variable check to be done in the application itself, rather than in docker-compose
Instead of relying on a precompiled list of TLDs, use the CZDS API to retrieve all TLDs to scan
We must be able to distinguish between multiple measurements from different vantage points, knowing exactly which data point belongs to which data set/vantage point.
A couple of significant requirements: