Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up

Dockerfiles for MalwareDB, and Postgres with our similarity extensions

License

NotificationsYou must be signed in to change notification settings

malwaredb/docker

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

79 Commits
 
 
 
 
 
 
 
 
 
 
 
 

There are two Dockerfiles:

  • MalwareDB/Dockerfile builds a container with both Postgres with the extensions and MalwareDB.
  • Postgres/Dockerfile builds Postgres only with the extensions. This is for installations where MalwareDB should be separate from the database, or by those who'd like to use the similarity extensions.

Both use Postgres 15 from Debian 12 Bookworm.

Postgres Extensions

Postgres is installed, and extensions built with extensions for:

To use the extensions,you have to add them toeach database schema you wish to use them as the schema owner, or as thepostgres user. SQL commands:

  • CREATE OR REPLACE FUNCTION lzjd_compare(TEXT, TEXT) RETURNS INTEGER AS 'lzjd_psql.so', 'pg_lzjd_compare' LANGUAGE 'c';
  • CREATE OR REPLACE FUNCTION fuzzy_hash_compare(TEXT, TEXT) RETURNS INTEGER AS 'ssdeep_psql.so', 'pg_fuzzy_hash_compare' LANGUAGE 'c';
  • CREATE OR REPLACE FUNCTION sdhash_compare(TEXT, TEXT) RETURNS INTEGER AS 'sdhash_psql.so', 'pg_sdhash_compare' LANGUAGE 'c';
  • CREATE OR REPLACE FUNCTION tlsh_compare(TEXT, TEXT) RETURNS INTEGER AS 'tlsh_psql.so', 'pg_tlsh_compare' LANGUAGE 'c';

Be sure to set the admin password for Postgres via thePOSTGRES_PASSWORD environment variable, shown below.

$ git clone https://github.com/malwaredb/docker.git$ cd docker/Postgres$ docker build -t postgres-similarity/latest .$ mkdir pg_data$ docker run -v `pwd`/pg_data:/var/lib/postgresql/data -p 5432:5432 -e POSTGRES_PASSWORD=yoursecurepassword postgres-similarity/latest

MalwareDB

The images are about ~4GB, could probably be smaller. The SQL commands for adding the fuzzy hash functions above are added by thestart.sh script at container start. The Postgres server won't be accessible outside the container.

You should use this with an existing Postgres data instance so you can have the administrative settings in order (users, groups, sources). At present, the administrative functions aren't available over the HTTP API.

$ git clone https://github.com/malwaredb/docker.git$ cd docker/MalwareDB$ docker build -t malwaredb/latest .$ mkdir mdb_data$ mkdir mdb_data/db$ mkdir mdb_data/samples$ docker run -v `pwd`/mdb_data/db:/var/lib/postgresql/data -v `pwd`/samples:/malware_samples -p 8080:8080 malwaredb/latest

About

Dockerfiles for MalwareDB, and Postgres with our similarity extensions

Topics

Resources

License

Code of conduct

Security policy

Stars

Watchers

Forks

Releases

No releases published

Sponsor this project

 

Packages

 
 
 
[8]ページ先頭
©2009-2025 Movatter.jp