Comments (12)
This would imply something is blocking port 9000,
What does the server output when you run opentaxii-run-dev
?
from misp-taxii-server.
Hello,
I had posted that above, but the output was:
2017-01-04T15:52:22.273042Z [opentaxii.utils] info: api.initialized {level=info, timestamp=2017-01-04T15:52:22.273042Z, api=opentaxii.persistence.sqldb.SQLDatabaseAPI, event=api.initialized, logger=opentaxii.utils}
2017-01-04T15:52:22.297661Z [opentaxii.utils] info: api.initialized {level=info, timestamp=2017-01-04T15:52:22.297661Z, api=opentaxii.auth.sqldb.SQLDatabaseAPI, event=api.initialized, logger=opentaxii.utils}
2017-01-04T15:52:22.297855Z [opentaxii.server] info: taxiiserver.configured {level=info, timestamp=2017-01-04T15:52:22.297855Z, event=taxiiserver.configured, logger=opentaxii.server}
Traceback (most recent call last):
File "/usr/bin/opentaxii-run-dev", line 9, in <module>
load_entry_point('opentaxii==0.1.8a1', 'console_scripts', 'opentaxii-run-dev')()
File "/usr/lib/python3.4/site-packages/opentaxii-0.1.8a1-py3.4.egg/opentaxii/cli/run.py", line 6, in run_in_dev_mode
app.run(port=9000)
File "/usr/lib/python3.4/site-packages/Flask-0.11.1-py3.4.egg/flask/app.py", line 843, in run
run_simple(host, port, self, **options)
File "/usr/lib/python3.4/site-packages/Werkzeug-0.11.11-py3.4.egg/werkzeug/serving.py", line 677, in run_simple
s.bind((hostname, port))
OSError: [Errno 98] Address already in use
Thank you
from misp-taxii-server.
you said
If I attempt to end these processes and then retry I am able to get the server running.
What does the server say in this instance?
You clearly have a PHP process hooking onto :9000
from misp-taxii-server.
Sorry, had misinterpreted your post.
2017-01-04T15:56:43.818573Z [opentaxii.utils] info: api.initialized {api=opentaxii.persistence.sqldb.SQLDatabaseAPI, logger=opentaxii.utils, timestamp=2017-01-04T15:56:43.818573Z, level=info, event=api.initialized}
2017-01-04T15:56:43.837692Z [opentaxii.utils] info: api.initialized {api=opentaxii.auth.sqldb.SQLDatabaseAPI, logger=opentaxii.utils, timestamp=2017-01-04T15:56:43.837692Z, level=info, event=api.initialized}
2017-01-04T15:56:43.837891Z [opentaxii.server] info: taxiiserver.configured {logger=opentaxii.server, timestamp=2017-01-04T15:56:43.837891Z, level=info, event=taxiiserver.configured}
* Running on http://127.0.0.1:9000/ (Press CTRL+C to quit)
* Restarting with stat
2017-01-04T15:56:45.208352Z [opentaxii.utils] info: api.initialized {timestamp=2017-01-04T15:56:45.208352Z, event=api.initialized, logger=opentaxii.utils, level=info, api=opentaxii.persistence.sqldb.SQLDatabaseAPI}
2017-01-04T15:56:45.226746Z [opentaxii.utils] info: api.initialized {timestamp=2017-01-04T15:56:45.226746Z, event=api.initialized, logger=opentaxii.utils, level=info, api=opentaxii.auth.sqldb.SQLDatabaseAPI}
2017-01-04T15:56:45.226912Z [opentaxii.server] info: taxiiserver.configured {timestamp=2017-01-04T15:56:45.226912Z, event=taxiiserver.configured, logger=opentaxii.server, level=info}
* Debugger is active!
* Debugger pin code: 336-114-055
from misp-taxii-server.
Ok, what happens if you run
curl localhost:9000
?
from misp-taxii-server.
In separate terminal while this is running, I get
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2 Final//EN">
<title>404 Not Found</title>
<h1>Not Found</h1>
<p>The requested URL was not found on the server. If you entered the URL manually please check your spelling and try again.</p>
If I first end the above then run curl
curl: (7) Failed connect to localhost:9000; Connection refused
from misp-taxii-server.
ok, that implies your server is running correctly.
So, with the server running, try pushing a STIX document. Maybe with the -v
flag for some more info
from misp-taxii-server.
OK, this is what I get (pushing sample STIX document test.xml within the tests folder)
2017-01-04 12:38:55,754 cabby.dispatcher INFO: Sending Inbox_Message to http://localhost:9000/services/inbox
2017-01-04 12:38:55,754 cabby.dispatcher DEBUG: Request:
<taxii_11:Inbox_Message xmlns:taxii="http://taxii.mitre.org/messages/taxii_xml_binding-1" xmlns:taxii_11="http://taxii.mitre.org/messages/taxii_xml_binding-1.1" xmlns:tdq="http://taxii.mitre.org/query/taxii_default_query-1" message_id="14917b16-24d0-4da4-860e-4812e6192069">
<taxii_11:Destination_Collection_Name>collection</taxii_11:Destination_Collection_Name>
<taxii_11:Content_Block>
<taxii_11:Content_Binding binding_id="urn:stix.mitre.org:xml:1.1.1"/>
<taxii_11:Content>
<stix:STIX_Package xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:stix="http://stix.mitre.org/stix-1" xmlns:stixCommon="http://stix.mitre.org/common-1" xmlns:ttp="http://stix.mitre.org/TTP-1" xmlns:cybox="http://cybox.mitre.org/cybox-2" xmlns:AddressObject="http://cybox.mitre.org/objects#AddressObject-2" xmlns:cyboxVocabs="http://cybox.mitre.org/default_vocabularies-2" xmlns:stixVocabs="http://stix.mitre.org/default_vocabularies-1" xmlns:example="http://example.com/" xsi:schemaLocation=" http://stix.mitre.org/stix-1 http://stix.mitre.org/XMLSchema/core/1.1.1/stix_core.xsd http://stix.mitre.org/Campaign-1 http://stix.mitre.org/XMLSchema/campaign/1.1.1/campaign.xsd http://stix.mitre.org/Indicator-2 http://stix.mitre.org/XMLSchema/indicator/2.2/indicator.xsd http://stix.mitre.org/TTP-2 http://stix.mitre.org/XMLSchema/ttp/1.1.1/ttp.xsd http://stix.mitre.org/default_vocabularies-1 http://stix.mitre.org/XMLSchema/default_vocabularies/1.1.1.0/stix_default_vocabularies.xsd http://cybox.mitre.org/objects#AddressObject-2 http://cybox.mitre.org/XMLSchema/objects/Address/2.1/Address_Object.xsd" id="example:STIXPackage-cc0ca596-70e6-4dac-9bef-603166d17db8" version="1.1.1">
<stix:Observables cybox_major_version="1" cybox_minor_version="1">
<cybox:Observable id="example:observable-c8c32b6e-2ea8-51c4-6446-7f5218072f27">
<cybox:Object id="example:object-d7fcce87-0e98-4537-81bf-1e7ca9ad3734">
<cybox:Properties xsi:type="AddressObject:AddressObjectType" category="ipv4-addr">
<AddressObject:Address_Value>198.51.100.2</AddressObject:Address_Value>
</cybox:Properties>
</cybox:Object>
</cybox:Observable>
<cybox:Observable id="example:observable-b57aa65f-9598-04fb-a9d1-5094c36d5dc4">
<cybox:Object id="example:object-f4fac80a-1239-47cc-b0e6-771b1a73f817">
<cybox:Properties xsi:type="AddressObject:AddressObjectType" category="ipv4-addr">
<AddressObject:Address_Value>198.51.100.17</AddressObject:Address_Value>
</cybox:Properties>
</cybox:Object>
</cybox:Observable>
<cybox:Observable id="example:observable-19c16346-0eb4-99e2-00bb-4ec3ed174cac">
<cybox:Object id="example:object-174bf9a3-f163-4919-9119-b52598f97ce3">
<cybox:Properties xsi:type="AddressObject:AddressObjectType" category="ipv4-addr">
<AddressObject:Address_Value>203.0.113.19</AddressObject:Address_Value>
</cybox:Properties>
</cybox:Object>
</cybox:Observable>
</stix:Observables>
<stix:TTPs>
<stix:TTP xsi:type="ttp:TTPType" id="example:ttp-dd955e08-16d0-6f08-5064-50d9e7a3104d" timestamp="2014-05-08T09:00:00.000000Z">
<ttp:Title>Malware C2 Channel</ttp:Title>
<ttp:Resources>
<ttp:Infrastructure>
<ttp:Type>Malware C2</ttp:Type>
<ttp:Observable_Characterization cybox_major_version="2" cybox_minor_version="1">
<cybox:Observable idref="example:observable-c8c32b6e-2ea8-51c4-6446-7f5218072f27"/>
<cybox:Observable idref="example:observable-b57aa65f-9598-04fb-a9d1-5094c36d5dc4"/>
<cybox:Observable idref="example:observable-19c16346-0eb4-99e2-00bb-4ec3ed174cac"/>
</ttp:Observable_Characterization>
</ttp:Infrastructure>
</ttp:Resources>
</stix:TTP>
</stix:TTPs>
</stix:STIX_Package>
</taxii_11:Content>
<taxii_11:Timestamp_Label>2017-01-04T17:38:55.752771+00:00</taxii_11:Timestamp_Label>
</taxii_11:Content_Block>
</taxii_11:Inbox_Message>
2017-01-04 12:38:55,759 requests.packages.urllib3.connectionpool DEBUG: Starting new HTTP connection (1): localhost
2017-01-04 12:38:55,856 requests.packages.urllib3.connectionpool DEBUG: http://localhost:9000 "POST /services/inbox HTTP/1.1" 200 336
2017-01-04 12:38:55,857 cabby.dispatcher DEBUG: Response:
<taxii_11:Status_Message xmlns:taxii="http://taxii.mitre.org/messages/taxii_xml_binding-1" xmlns:taxii_11="http://taxii.mitre.org/messages/taxii_xml_binding-1.1" xmlns:tdq="http://taxii.mitre.org/query/taxii_default_query-1" message_id="2082285313538113775" in_response_to="14917b16-24d0-4da4-860e-4812e6192069" status_type="SUCCESS"/>
2017-01-04 12:38:55,858 cabby.client11.Client11 DEBUG: Content block successfully pushed
2017-01-04 12:38:55,858 cabby.cli.push INFO: Content block successfully pushed
It seems that it was pushed. However, if I try to go to access my MISP web interface, it is down. I am getting
Service Unavailable
The server is temporarily unable to service your request due to maintenance downtime or capacity problems. Please try again later.
from misp-taxii-server.
This is a problem with your webserver configuration, not with the taxii server. Closing issue.
Maybe take a closer look at your apache/whatever config
from misp-taxii-server.
Either that or misp isn't installed. One or the other,
from misp-taxii-server.
MISP is installed, and I had set up things with the default parameters. It seems when I kill the process running on port 9000, it is the MISP process being killed. Anyway, I'll update this if I get anywhere.
from misp-taxii-server.
As far as I know, there is no "misp" process.
You have something PHP-related trying to get onto 9000 though, try to figure out what that is
from misp-taxii-server.
Related Issues (20)
- Error 500 when push stix
- Taxii-Push Error: SSL_Wrong_Version_Number HOT 1
- Events not appearing in MISP after successful TAXII data push
- Taxii-push fails HOT 2
- Exception on /services/inbox [POST]: KeyError('response',)
- taxii-push broken after pymisp 2.4.119
- Anomaly STAXX integration with MISP HOT 2
- Foreign key constraint is incorrectly formed HOT 4
- add NameSpace to StixPackage
- TypeError: string indices must be integers
- MISP TAXII 404 not found
- TAXII UNAUTHORIZED HOT 8
- Taxii test Push failing with error HTTP Error: status code 500 HOT 1
- Taxii test file push fails with error status code 500 HOT 1
- HTTP Error: status code 500 HOT 2
- import stix v2.1 to MISP HOT 3
- Command "git reset --hard -q origin/master" failed with error code 128 in /home/misp/MISP-Taxii-Server/src/pymisp
- Error 404 on taxii-discovery and taxii-push HOT 1
- Request/Help needed
- errno: 150 "Foreign key constraint is incorrectly formed" + various other errors
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from misp-taxii-server.