Comments (14)
In my experience, trying to install EMBA on a server with a lot of cores (I have it running on a 36 core aws machine right now) causes the same issues with updating and populating the CVE database. A workaround that I found to that issue is to run the emba installer solely by utilizing two cores. While I didn't really look into why it helps, I assume that the large number of cores opens more threads which causes some DDOS protection mechanism on the remote server to kick in (again, just a guess). This can be done by running the installer program like so:
sudo taskset -c 0,1 ./installer.sh -d
which will run the installation script using only two cores. I know that you can go into the files and change the code but I'm lazy ;)
from emba.
Found another source of cve-serach issues. Kept getting this error message while running ./external/cve-search/sbin/db_updater.py -f
CVEDownloads - ERROR - Did not receive last-modified header in the response; setting to default (01-01-1970) and force update! Headers received: {'content-length': '93', 'cache-control': 'no-cache', 'content-type': 'text/html', 'connection': 'close'}
Error is gone by adjusting max_workers to 1 in https://github.com/cve-search/cve-search/blob/1f0b50aa46814e2a683a9b7b01da8bcc0403154e/lib/DownloadHandler.py#L121 like this
thread_map(self.download_site, sites, desc="Downloading files", max_workers=1)
Afterwards ./external/cve-search/sbin/db_updater.py -f
works fine (takes longer though) and no cve-serach issue anymore for me.
Really seems like there is a rate limit with https://nvd.nist.gov/
Source: cve-search/cve-search#890 (comment)
from emba.
@brainsht thank you for documenting this issue. I will include it into the main post.
from emba.
thread_map(self.download_site, sites, desc="Downloading files", max_workers=1)
Really seems like there is a rate limit with https://nvd.nist.gov/ Source: cve-search/cve-search#890 (comment)
That max_workers
argument is now exposed as $HOME/.cvexplore/.env
as MAX_DOWNLOAD_WORKERS
and you can define it along with the NVD_NIST_API_KEY
variable.
sudo taskset -c 0,1 ./installer.sh -d
is not yet documented in the wiki and I suspect that there are still threading issues within EMBA, probably (see: #908 (comment)).
from emba.
If you are running into cve-search issues please test #913
from emba.
This issue is stale because it has been open for 14 days with no activity.
from emba.
This issue was closed because it has been inactive for 7 days since being marked as stale.
from emba.
Hi,
When iam trying to run the utility it gives an error CVE- search not working , check issue number 187 thus iam here .
Now i have checked all the steps above.
for some reason this is the output
i have checked with some older versions
from emba.
Please check the following:
- is your network ok? -> ifconfig should show the
emba_runs
network device with ip address172.36.0.1
- is mongod running?
netstat -anpt | grep 27017
- is redis running?
netstat -anpt | grep 6379
from emba.
Then check mongod, restart it, check logs and as it is running you can do an update of the database.
from emba.
I follow the above operations to do, are normal. But I still show cve-search -no ok. I don't know why.
from emba.
@aserper thank you for documenting this issue and the workaround. I will add a link to the wiki
from emba.
With version 1.3.0 we switched to python environment. This results in the need of activating the python environment before doing cve-search tasks.
On the host system it is possible to activate it the following way:
└─$ source ./external/emba_venv/bin/activate
In the docker container it is possible to activate it the following way:
└─$ source /external/emba_venv/bin/activate
from emba.
It is now recommend to setup a NIST API key
See also https://github.com/e-m-b-a/emba/wiki/Installation#prerequisites
from emba.
Related Issues (20)
- Error while installing on Ubuntu WSL HOT 13
- Installation Fails Due to CVE-Search Looking at 127.0.0.1 instead of 172.36.0.1 HOT 3
- CVE seacher error HOT 9
- HTML Report: One missing CVE in each software product HOT 3
- Improve our interesting firmware collection HOT 17
- cve-search Dep-check fails with working db HOT 1
- Use EasyLKB for kernel emulation (and debugging?) HOT 3
- ERROR: The Compose file './docker-compose.yml' is invalid HOT 3
- KeyError: epss HOT 12
- UEFI firmware analysis should not analyse every single file on an extracted filesystem? HOT 10
- couldn't find remote ref master HOT 3
- Addition of C/C++ Semgrep ruleset HOT 6
- Installation notes is obsolete HOT 1
- Kali Linux 2023.04 is out now HOT 2
- cwe-checker not working HOT 2
- Ghidra Dependency Help HOT 7
- Does the software have a breakpoint rescan function HOT 4
- Drone firmware testing support HOT 1
- Adding identification of components HOT 6
- P35_uefi_extractor is always executed on embedded linux image HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from emba.