From f40eaaf65092be344f2e21af37e7baa6d4fb9183 Mon Sep 17 00:00:00 2001
From: Davide Arcuri
Date: Tue, 13 Feb 2024 09:34:46 +0100
Subject: [PATCH] maxmind info
---
.gitignore | 3 ++
CHANGELOG.md | 7 +++
compose/local/django/Dockerfile | 3 ++
compose/local/maxmind/README.txt | 5 ++
orochi/static/css/style.css | 4 ++
orochi/templates/website/index.html | 36 +++++++++++--
.../templates/website/partial_analysis.html | 2 +-
orochi/templates/website/partial_indices.html | 2 +-
.../{partial_vt.html => partial_json.html} | 8 +--
orochi/utils/volatility_dask_elk.py | 10 ++--
orochi/website/urls.py | 1 +
orochi/website/views.py | 52 ++++++++++++++++++-
requirements/base.txt | 4 +-
13 files changed, 118 insertions(+), 19 deletions(-)
create mode 100644 compose/local/maxmind/README.txt
rename orochi/templates/website/{partial_vt.html => partial_json.html} (70%)
diff --git a/.gitignore b/.gitignore
index 96812249..21d1c867 100644
--- a/.gitignore
+++ b/.gitignore
@@ -272,3 +272,6 @@ compose/local/clamav/freshclam.conf
# History
.history
orochi/utils/test.py
+compose/local/maxmind/GeoLite2-ASN.mmdb
+compose/local/maxmind/GeoLite2-City.mmdb
+compose/local/maxmind/GeoLite2-Country.mmdb
\ No newline at end of file
diff --git a/CHANGELOG.md b/CHANGELOG.md
index f1556c24..5e9b1308 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,12 @@
## Changelog
+
+
+ OROCHI 2.2.0
+
+ * ADD more info on foreign addr in netstat [[#494](https://github.com/LDO-CERT/orochi/issues/494)]
+
+
OROCHI 2.1.0 [2024/02/12]
diff --git a/compose/local/django/Dockerfile b/compose/local/django/Dockerfile
index ec13df63..485c6051 100644
--- a/compose/local/django/Dockerfile
+++ b/compose/local/django/Dockerfile
@@ -69,6 +69,9 @@ RUN pip install -r /requirements/local.txt --ignore-installed ruamel.yaml
COPY ./compose/local/__init__.py /src/volatility3/volatility3/framework/constants/__init__.py
+RUN mkdir /maxmind
+COPY ./compose/local/maxmind /maxmind
+
WORKDIR /app
COPY . .
COPY ./compose/local/django/entrypoint /entrypoint
diff --git a/compose/local/maxmind/README.txt b/compose/local/maxmind/README.txt
new file mode 100644
index 00000000..fad78019
--- /dev/null
+++ b/compose/local/maxmind/README.txt
@@ -0,0 +1,5 @@
+MAXMIND MMDB FILES
+===================================================================
+
+In order to update MaxMind database you should download them from a workstation with Internet connection.
+This is necessary because you must download databases from https://www.maxmind.com/en/accounts/851360/geoip/downloads after login with a proper account.
diff --git a/orochi/static/css/style.css b/orochi/static/css/style.css
index eebad8ef..5b908ac8 100644
--- a/orochi/static/css/style.css
+++ b/orochi/static/css/style.css
@@ -25,6 +25,10 @@ a.navbar-brand {
padding-bottom: 0px;
}
+.list-group-item {
+ background-color: rgba(var(--bs-tertiary-bg-rgb),var(--bs-bg-opacity))!important;
+}
+
/********************************************************
MOVE DOWN FROM TITLE [OVVERRIDE DASHBOARD]
********************************************************/
diff --git a/orochi/templates/website/index.html b/orochi/templates/website/index.html
index eaf10274..fef48c79 100644
--- a/orochi/templates/website/index.html
+++ b/orochi/templates/website/index.html
@@ -11,7 +11,7 @@
{% endblock %} {% block sidebar %} -
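Review bot: `RUN mkdir /maxmind` in the Dockerfile hunk is a redundant layer, because `COPY ./compose/local/maxmind /maxmind` creates the destination directory on its own; the single `COPY` line is enough. Since this same commit gitignores the three GeoLite2 `.mmdb` files, a build from a clean checkout copies only README.txt and produces an image with no database at all, silently; either fail the build when the databases are absent or document that the lookup code must tolerate a missing `/maxmind/*.mmdb` (the consuming code in views.py is not in this chunk, so I cannot tell whether it does). Baking the databases into an image layer also ties every MaxMind refresh to an image rebuild, whereas a bind-mounted volume at `/maxmind` keeps the image reproducible and lets the databases be rotated independently. Note that the README being copied into the image embeds an account-specific download URL (the numeric account id in the path), which is of no use to other deployers and is better replaced by the generic downloads page in the repository copy.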