More than 5 years have passed since last update.

Taxii サーバを試してみる(1.サーバ設定)

Last updated at 2017-03-28Posted at 2017-03-28

きっかけ

libtaxiiを触ってみる ( http://qiita.com/KoriCori/items/03baefe7ece59050da75 )を参照のこと。

今回は、taxii サーバを建て、Client / Server 環境を整える。

環境

# cat /etc/redhat-release 
CentOS Linux release 7.3.1611 (Core)
# uname -a
Linux localhost.localdomain 3.10.0-327.13.1.el7.x86_64 #1 SMP Thu Mar 31 16:04:38 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
# python -V
Python 2.7.5
# pip -V
pip 9.0.1 from /usr/lib/python2.7/site-packages (python 2.7)

セットアップ

Opentaxii インストール

GithubにあるEclecticIQレポジトリからサンプル設定ファイルを取得し設定する。

# cd /home
# git clone https://github.com/EclecticIQ/OpenTAXII.git
# cd OpenTAXII
# pip install -r requirements.txt
# python setup.py install

Opentaxii サーバ設定

サーバ設定ファイルは opentaxii/defaults.yml に配置されている。

---

domain: "localhost:9000"
support_basic_auth: yes
save_raw_inbox_messages: yes

persistence_api:
  class: opentaxii.persistence.sqldb.SQLDatabaseAPI
  parameters:
    db_connection: sqlite:////tmp/data.db
    create_tables: yes

auth_api:
  class: opentaxii.auth.sqldb.SQLDatabaseAPI
  parameters:
    db_connection: sqlite:////tmp/auth.db
    create_tables: yes
    secret: SECRET-STRING-NEEDS-TO-BE-CHANGED

logging:
  opentaxii: info
  root: info

xml_parser_supports_huge_tree: yes

hooks:

今回はテストの為、DBはsqliteで確認する。
その他、PostgreSQL / MySQLに対応しているとのこと。

Opentaxii サーバが稼働しているかテスト

opentaxii-run-dev にて、デフォルトのサーバ設定でテストをすることができる。

※ 次回、記載予定のservice/collectionを既に設定済み。

# discovery_client --url http://127.0.0.1:9000/services/discovery-a
Request:

Message Type: Discovery_Request
Message ID: 8106670413668492641

Response:

Message Type: Discovery_Response
Message ID: 9138330222858032445; In Response To: 8106670413668492641
  === Service Instance ===
    Service Type: INBOX
    Service Version: urn:taxii.mitre.org:services:1.1
    Protocol Binding: urn:taxii.mitre.org:protocol:http:1.0
    Service Address: http://localhost/services/inbox-a
    Message Binding: urn:taxii.mitre.org:message:xml:1.0
    Message Binding: urn:taxii.mitre.org:message:xml:1.1
    Inbox Service AC: []
    Available: True
    Message: Custom Inbox Service Description A
  === Service Instance ===
    Service Type: INBOX
    Service Version: urn:taxii.mitre.org:services:1.1
    Protocol Binding: urn:taxii.mitre.org:protocol:http:1.0
    Service Address: http://localhost/services/inbox-b
    Message Binding: urn:taxii.mitre.org:message:xml:1.0
    Message Binding: urn:taxii.mitre.org:message:xml:1.1
    Inbox Service AC: ['urn:stix.mitre.org:xml:1.1.1', 'urn:custom.example.com:json:0.0.1']
    Available: True
    Message: Custom Inbox Service Description B
  === Service Instance ===
    Service Type: DISCOVERY
    Service Version: urn:taxii.mitre.org:services:1.1
    Protocol Binding: urn:taxii.mitre.org:protocol:http:1.0
    Service Address: http://localhost/services/discovery-a
    Message Binding: urn:taxii.mitre.org:message:xml:1.0
    Message Binding: urn:taxii.mitre.org:message:xml:1.1
    Available: True
    Message: Custom Discovery Service description
  === Service Instance ===
    Service Type: DISCOVERY
    Service Version: urn:taxii.mitre.org:services:1.1
    Protocol Binding: urn:taxii.mitre.org:protocol:https:1.0
    Service Address: https://localhost/services/discovery-a
    Message Binding: urn:taxii.mitre.org:message:xml:1.0
    Message Binding: urn:taxii.mitre.org:message:xml:1.1
    Available: True
    Message: Custom Discovery Service description
  === Service Instance ===
    Service Type: COLLECTION_MANAGEMENT
    Service Version: urn:taxii.mitre.org:services:1.1
    Protocol Binding: urn:taxii.mitre.org:protocol:http:1.0
    Service Address: http://localhost/services/collection-management-a
    Message Binding: urn:taxii.mitre.org:message:xml:1.0
    Message Binding: urn:taxii.mitre.org:message:xml:1.1
    Available: True
    Message: Custom Collection Management Service description
  === Service Instance ===
    Service Type: COLLECTION_MANAGEMENT
    Service Version: urn:taxii.mitre.org:services:1.1
    Protocol Binding: urn:taxii.mitre.org:protocol:https:1.0
    Service Address: https://localhost/services/collection-management-a
    Message Binding: urn:taxii.mitre.org:message:xml:1.0
    Message Binding: urn:taxii.mitre.org:message:xml:1.1
    Available: True
    Message: Custom Collection Management Service description
  === Service Instance ===
    Service Type: POLL
    Service Version: urn:taxii.mitre.org:services:1.1
    Protocol Binding: urn:taxii.mitre.org:protocol:http:1.0
    Service Address: http://localhost/services/poll-a
    Message Binding: urn:taxii.mitre.org:message:xml:1.0
    Message Binding: urn:taxii.mitre.org:message:xml:1.1
    Available: True
    Message: Custom Poll Service description

ちゃんと確認することができました。
次回は、しっかりとservice/collectionを設定していきたいと思います。

参照サイト

OpenTAXII http://www.opentaxii.org/en/stable/
EclecticIQ/OpenTAXII https://github.com/EclecticIQ/OpenTAXII

You get articles that match your needs
You can efficiently read back useful information
You can use dark theme

What you can do with signing up