From d84e07954a8ef9b640d3bed6bbfe9f9422e67f80 Mon Sep 17 00:00:00 2001 From: Yasunari Momoi Date: Tue, 15 Aug 2017 17:31:37 +0900 Subject: [PATCH 1/5] improve README documentation. - add comments for -log-dir option - fix section hierarchy - remove trailing spaces - some fix for markdownlint - some misspelling fixed --- README.md | 319 ++++++++++++++++++++++++++++-------------------------- 1 file changed, 165 insertions(+), 154 deletions(-) diff --git a/README.md b/README.md index 181dd226..1fa82b5a 100644 --- a/README.md +++ b/README.md @@ -5,20 +5,24 @@ and the Japanese JVN [2], which contain security vulnerabilities according to th CVE identifiers [3] including exhaustive information and a risk score. The local copy is generated in sqlite format, and the tool has a server mode for easy querying. -[1] https://en.wikipedia.org/wiki/National_Vulnerability_Database -[2] https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures -[3] http://jvndb.jvn.jp/apis/termsofuse.html +[1] https://en.wikipedia.org/wiki/National_Vulnerability_Database +[2] https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures +[3] http://jvndb.jvn.jp/apis/termsofuse.html -## Install Requirements +## Installation + +### Install requirements go-cve-dictionary requires the following packages. -- SQLite3, MySQL, Postgres or Redis +- SQLite3, MySQL, PostgreSQL or Redis - git - gcc - go v1.7.1 or later - https://golang.org/doc/install +Here's an example for Amazon EC2 server. + ```bash $ ssh ec2-user@52.100.100.100 -i ~/.ssh/private.pem $ sudo yum -y install sqlite git gcc @@ -26,29 +30,25 @@ $ wget https://storage.googleapis.com/golang/go1.7.1.linux-amd64.tar.gz $ sudo tar -C /usr/local -xzf go1.7.1.linux-amd64.tar.gz $ mkdir $HOME/go ``` + Put these lines into /etc/profile.d/goenv.sh ```bash -export GOROOT=/usr/local/go export GOPATH=$HOME/go -export PATH=$PATH:$GOROOT/bin:$GOPATH/bin +export PATH=$PATH:/usr/local/go/bin:$GOPATH/bin ``` Set the OS environment variable to current shell + ```bash $ source /etc/profile.d/goenv.sh ``` -## Deploy go-cve-dictionary +### Deploy go-cve-dictionary To install: - ```bash -$ sudo mkdir /var/log/vuls -$ sudo chown ec2-user /var/log/vuls -$ sudo chmod 700 /var/log/vuls -$ $ mkdir -p $GOPATH/src/github.com/kotakanbe $ cd $GOPATH/src/github.com/kotakanbe $ git clone https://github.com/kotakanbe/go-cve-dictionary.git @@ -56,8 +56,17 @@ $ cd go-cve-dictionary $ make install ``` -Fetch Vulnerability data from NVD. -It takes about 10 minutes (on AWS). +Create a log output directory. +You can use another directory on the command line option (-log-dir). + +```bash +$ sudo mkdir /var/log/vuls +$ sudo chown ec2-user /var/log/vuls +$ sudo chmod 700 /var/log/vuls +``` + +Fetch vulnerability data from NVD. +It takes about 10 minutes (on AWS). ```bash $ for i in `seq 2002 $(date +"%Y")`; do go-cve-dictionary fetchnvd -years $i; done @@ -66,8 +75,9 @@ $ ls -alh cve.sqlite3 -rw-r--r-- 1 ec2-user ec2-user 7.0M Mar 24 13:20 cve.sqlite3 ``` -Now we have vulnerability data. -Start go-cve-dictionary as server mode. +Now we have vulnerability data. +Start go-cve-dictionary as server mode. + ```bash $ go-cve-dictionary server [Mar 24 15:21:55] INFO Opening DB. datafile: /home/ec2-user/cve.sqlite3 @@ -76,9 +86,26 @@ $ go-cve-dictionary server [Mar 24 15:21:56] INFO Listening on 127.0.0.1:1323 ``` -# Hello HeartBleed +### Update go-cve-dictionary + +If the DB schema was changed, please specify new SQLite3, MySQL, PostgreSQL or Redis DB file. +```bash +$ cd $GOPATH/src/github.com/kotakanbe/go-cve-dictionary +$ git pull +$ rm -r vendor +$ make install ``` + +Binary files are created under $GOPATH/bin + +---- + +## Sample data sources + +### Hello HeartBleed + +```bash $ curl http://127.0.0.1:1323/cves/CVE-2014-0160 | jq "." { "CveID": "CVE-2014-0160", @@ -125,9 +152,9 @@ $ curl http://127.0.0.1:1323/cves/CVE-2014-0160 | jq "." ``` -# Hello Ruby on Rails 4.0.2 +### Hello Ruby on Rails 4.0.2 -``` +```bash $ curl -v -H "Accept: application/json" -H "Content-type: application/json" -X POST -d '{"name": "cpe:/a:rubyonrails:ruby_on_rails:4.0.2:-"}' http://localhost:1323/cpes | jq "." [ { @@ -174,9 +201,13 @@ $ curl -v -H "Accept: application/json" -H "Content-type: application/json" -X P ] ``` -# Usage: +---- -``` +## Usage + +### Usage: List subcommands + +```bash $ go-cve-dictionary -help Usage: go-cve-dictionary @@ -199,18 +230,19 @@ Use "go-cve-dictionary flags" for a list of top-level flags ``` go-cve-dictionary has four subcommands -- fetchnvd - Fetch vulnerbility data from NVD(English) -- fetchjvn - Fetch vulnerbility data from JVN(Japanese) - -- server +- fetchnvd + Fetch vulnerability data from NVD(English) +- fetchjvn + Fetch vulnerability data from JVN(Japanese) +- server Start HTTP server -# Usage: Fetch NVD Data. +---- -``` +### Usage: Fetch NVD Data + +```bash $ go-cve-dictionary fetchnvd -help fetchnvd: fetchnvd @@ -221,7 +253,7 @@ fetchnvd: [-http-proxy=http://192.168.0.1:8080] [-debug] [-debug-sql] - [-log-dir] + [-log-dir=/path/to/log] For the first time, run the blow command to fetch data for entire period. (It takes about 10 minutes) $ for i in `seq 2002 $(date +"%Y")`; do go-cve-dictionary fetchnvd -years $i ; done @@ -245,42 +277,37 @@ For the first time, run the blow command to fetch data for entire period. (It ta ``` - Fetch data in the last two years - -``` -$ go-cve-dictionary fetchnvd -last2y -``` + ```bash + $ go-cve-dictionary fetchnvd -last2y + ``` - Fetch data of specific years - -``` -$ go-cve-dictionary fetchnvd -years 2002 2003 2016 -``` + ```bash + $ go-cve-dictionary fetchnvd -years 2002 2003 2016 + ``` - Fetch NVD data for entire period. -``` -for i in `seq 2002 $(date +"%Y")`; do go-cve-dictionary fetchnvd -years $i; done - -``` - + ```bash + for i in `seq 2002 $(date +"%Y")`; do go-cve-dictionary fetchnvd -years $i; done + ``` ---- -# Usage: Fetch JVN Data. +### Usage: Fetch JVN Data -``` +```bash $ go-cve-dictionary fetchjvn -h fetchjvn: fetchjvn [-latest] [-last2y] [-years] 1998 1999 ... - [-dbpath=$PWD/cve.sqlite3] [-dbpath=$PWD/cve.sqlite3 or connection string] [-dbtype=mysql|postgres|sqlite3|redis] [-http-proxy=http://192.168.0.1:8080] [-debug] [-debug-sql] - [-log-dir] + [-log-dir=/path/to/log] -dbpath string /path/to/sqlite3 or SQL connection string (default "$PWD/cve.sqlite3") @@ -304,28 +331,25 @@ fetchjvn: ``` - Fetch data for entire period - -``` -for i in `seq 1998 $(date +"%Y")`; do go-cve-dictionary fetchjvn -years $i; done -``` + ```bash + for i in `seq 1998 $(date +"%Y")`; do go-cve-dictionary fetchjvn -years $i; done + ``` - Fetch data in the last two years - -``` -$ go-cve-dictionary fetchjvn -last2y -``` + ```bash + $ go-cve-dictionary fetchjvn -last2y + ``` - Fetch data for latest - -``` -$ go-cve-dictionary fetchjvn -latest -``` + ```bash + $ go-cve-dictionary fetchjvn -latest + ``` ---- -# Usage: Run HTTP Server. +### Usage: Run HTTP Server -``` +```bash $ go-cve-dictionary server -h server: server @@ -335,7 +359,7 @@ server: [-dbtype=mysql|postgres|sqlite3|redis] [-debug] [-debug-sql] - [-log-dir] + [-log-dir=/path/to/log] -bind string HTTP server bind to IP address (default: loop back interface) (default "127.0.0.1") @@ -356,164 +380,151 @@ server: ---- -# Usage: Use MySQL as a DB storage back-end +### Usage: Use MySQL as a DB storage back-end - fetchnvd -``` -$ go-cve-dictionary fetchnvd -last2y \ - -dbtype mysql \ - -dbpath "user:pass@tcp(localhost:3306)/dbname?parseTime=true" -``` + ```bash + $ go-cve-dictionary fetchnvd -last2y \ + -dbtype mysql \ + -dbpath "user:pass@tcp(localhost:3306)/dbname?parseTime=true" + ``` - fetchjvn -``` -$ go-cve-dictionary fetchjvn -last2y \ - -dbtype mysql \ - -dbpath "user:pass@tcp(localhost:3306)/dbname?parseTime=true" -``` + ```bash + $ go-cve-dictionary fetchjvn -last2y \ + -dbtype mysql \ + -dbpath "user:pass@tcp(localhost:3306)/dbname?parseTime=true" + ``` - server -``` -$ go-cve-dictionary server \ - -dbtype mysql \ - -dbpath "user:pass@tcp(localhost:3306)/dbname?parseTime=true" -``` + ```bash + $ go-cve-dictionary server \ + -dbtype mysql \ + -dbpath "user:pass@tcp(localhost:3306)/dbname?parseTime=true" + ``` -# Usage: Use Postgres as a DB storage back-end +### Usage: Use Postgres as a DB storage back-end - fetchnvd -``` -$ go-cve-dictionary fetchnvd -last2y \ - -dbtype postgres \ - -dbpath "host=myhost user=user dbname=dbname sslmode=disable password=password" -``` + ```bash + $ go-cve-dictionary fetchnvd -last2y \ + -dbtype postgres \ + -dbpath "host=myhost user=user dbname=dbname sslmode=disable password=password" + ``` - fetchjvn -``` -$ go-cve-dictionary fetchjvn -last2y \ - -dbtype postgres \ - -dbpath "host=myhost user=user dbname=dbname sslmode=disable password=password" -``` + ```bash + $ go-cve-dictionary fetchjvn -last2y \ + -dbtype postgres \ + -dbpath "host=myhost user=user dbname=dbname sslmode=disable password=password" + ``` - server -``` -$ go-cve-dictionary server \ - -dbtype postgres \ - -dbpath "host=myhost user=user dbname=dbname sslmode=disable password=password" -``` + ```bash + $ go-cve-dictionary server \ + -dbtype postgres \ + -dbpath "host=myhost user=user dbname=dbname sslmode=disable password=password" + ``` -# Usage: Use Redis as a DB storage back-end +### Usage: Use Redis as a DB storage back-end - fetchnvd -``` -$ go-cve-dictionary fetchnvd -last2y \ - -dbtype redis \ - -dbpath "redis://localhost/0" -``` + ```bash + $ go-cve-dictionary fetchnvd -last2y \ + -dbtype redis \ + -dbpath "redis://localhost/0" + ``` - fetchjvn -``` -$ go-cve-dictionary fetchjvn -last2y \ - -dbtype redis \ - -dbpath "redis://localhost/0" -``` + ```bash + $ go-cve-dictionary fetchjvn -last2y \ + -dbtype redis \ + -dbpath "redis://localhost/0" + ``` - server -``` -$ go-cve-dictionary server \ - -dbtype redis \ - -dbpath "redis://localhost/0" -``` + ```bash + $ go-cve-dictionary server \ + -dbtype redis \ + -dbpath "redis://localhost/0" + ``` ---- -# How to Update +## Misc -- Update go-cve-dictionary -If the DB schema was changed, please specify new SQLite3, MySQL, Postgres or Redis DB file. +- HTTP Proxy Support -``` -$ cd $GOPATH/src/github.com/kotakanbe/go-cve-dictionary -$ git pull -$ rm -r vendor -$ make install -``` - -Binary Files are created under $GOPARH/bin - ----- - -# Misc +If your system at behind HTTP proxy, you have to specify -http-proxy option. -- HTTP Proxy Support -If your system is behind HTTP proxy, you have to specify --http-proxy option. +- How to daemonize go-cve-dictionary -- How to Daemonize go-cve-dictionary Use Systemd, Upstart or supervisord, daemontools... -- How to update vulnerbility data automatically. -Use job scheduler like Cron (with -last2y or -latest option). +- How to update vulnerability data automatically. + +Use job scheduler like cron (with -last2y or -latest option). - How to cross compile + ```bash - $ cd /path/to/your/local-git-reporsitory/go-cve-dictionary + $ cd /path/to/your/local-git-repository/go-cve-dictionary $ GOOS=linux GOARCH=amd64 go build -o cvedict.amd64 ``` -- Logging -Log wrote to under /var/log/vuls/ +- Logging + +go-cve-dictionary writes a log under -log-path specified directory (default is /var/log/vuls/). + +- Debug -- Debug -Run with --debug, --sql-debug option. +Run with -debug, -sql-debug option. ---- -# Data Source +## Data Source - [NVD](https://nvd.nist.gov/) - [JVN(Japanese)](http://jvndb.jvn.jp/apis/myjvn/) - - ---- -# Authors +## Authors kotakanbe ([@kotakanbe](https://twitter.com/kotakanbe)) created go-cve-dictionary and [these fine people](https://github.com/future-architect/go-cve-dictionary/graphs/contributors) have contributed. ---- -# Contribute +## How to Contribute -1. fork a repository: github.com/kotakanbe/go-cve-dictionary to github.com/you/repo -2. get original code: github.com/kotakanbe/go-cve-dictionary -3. work on original code -4. add remote to your repo: git remote add myfork https://github.com/you/repo.git -5. push your changes: git push myfork -6. create a new Pull Request +1. fork a repository: github.com/kotakanbe/go-cve-dictionary to github.com/you/repository +1. get original code: github.com/kotakanbe/go-cve-dictionary +1. work on original code +1. add remote to your repository: git remote add myfork https://github.com/you/repo.git +1. push your changes: git push myfork +1. create a new Pull Request - see [GitHub and Go: forking, pull requests, and go-getting](http://blog.campoy.cat/2014/03/github-and-go-forking-pull-requests-and.html) ---- -# Change Log +## Change Log -Please see [CHANGELOG](https://github.com/kotakanbe/go-cve-dictionary/blob/master/CHANGELOG.md). +Please see [CHANGELOG.md](https://github.com/kotakanbe/go-cve-dictionary/blob/master/CHANGELOG.md). ---- -# Licence +## Licence Please see [LICENSE](https://github.com/kotakanbe/go-cve-dictionary/blob/master/LICENSE). ---- -# Additional License +## Additional License - [NVD](https://nvd.nist.gov/faq) ->How can my organization use the NVD data within our own products and services? -> All NVD data is freely available from our XML Data Feeds. There are no fees, licensing restrictions, or even a requirement to register. All NIST publications are available in the public domain according to Title 17 of the United States Code. Acknowledgment of the NVD when using our information is appreciated. In addition, please email nvd@nist.gov to let us know how the information is being used. +> How can my organization use the NVD data within our own products and services? +> All NVD data is freely available from our XML Data Feeds. There are no fees, licensing restrictions, or even a requirement to register. All NIST publications are available in the public domain according to Title 17 of the United States Code. Acknowledgment of the NVD when using our information is appreciated. In addition, please email nvd@nist.gov to let us know how the information is being used. - [JVN](http://jvndb.jvn.jp/apis/termsofuse.html) - From 34f1e9965029004735f9c0406c18b9c779c62e29 Mon Sep 17 00:00:00 2001 From: Yasunari Momoi Date: Tue, 15 Aug 2017 17:39:41 +0900 Subject: [PATCH 2/5] fix spacing. --- README.md | 15 +++++++++++++++ 1 file changed, 15 insertions(+) diff --git a/README.md b/README.md index 1fa82b5a..905eca3d 100644 --- a/README.md +++ b/README.md @@ -277,16 +277,19 @@ For the first time, run the blow command to fetch data for entire period. (It ta ``` - Fetch data in the last two years + ```bash $ go-cve-dictionary fetchnvd -last2y ``` - Fetch data of specific years + ```bash $ go-cve-dictionary fetchnvd -years 2002 2003 2016 ``` - Fetch NVD data for entire period. + ```bash for i in `seq 2002 $(date +"%Y")`; do go-cve-dictionary fetchnvd -years $i; done ``` @@ -331,16 +334,19 @@ fetchjvn: ``` - Fetch data for entire period + ```bash for i in `seq 1998 $(date +"%Y")`; do go-cve-dictionary fetchjvn -years $i; done ``` - Fetch data in the last two years + ```bash $ go-cve-dictionary fetchjvn -last2y ``` - Fetch data for latest + ```bash $ go-cve-dictionary fetchjvn -latest ``` @@ -383,6 +389,7 @@ server: ### Usage: Use MySQL as a DB storage back-end - fetchnvd + ```bash $ go-cve-dictionary fetchnvd -last2y \ -dbtype mysql \ @@ -390,6 +397,7 @@ server: ``` - fetchjvn + ```bash $ go-cve-dictionary fetchjvn -last2y \ -dbtype mysql \ @@ -397,6 +405,7 @@ server: ``` - server + ```bash $ go-cve-dictionary server \ -dbtype mysql \ @@ -406,6 +415,7 @@ server: ### Usage: Use Postgres as a DB storage back-end - fetchnvd + ```bash $ go-cve-dictionary fetchnvd -last2y \ -dbtype postgres \ @@ -413,6 +423,7 @@ server: ``` - fetchjvn + ```bash $ go-cve-dictionary fetchjvn -last2y \ -dbtype postgres \ @@ -420,6 +431,7 @@ server: ``` - server + ```bash $ go-cve-dictionary server \ -dbtype postgres \ @@ -429,6 +441,7 @@ server: ### Usage: Use Redis as a DB storage back-end - fetchnvd + ```bash $ go-cve-dictionary fetchnvd -last2y \ -dbtype redis \ @@ -436,6 +449,7 @@ server: ``` - fetchjvn + ```bash $ go-cve-dictionary fetchjvn -last2y \ -dbtype redis \ @@ -443,6 +457,7 @@ server: ``` - server + ```bash $ go-cve-dictionary server \ -dbtype redis \ From 478dc15928f3a4001c00d9b3c15fed8a2b99424e Mon Sep 17 00:00:00 2001 From: Yasunari Momoi Date: Tue, 15 Aug 2017 17:43:49 +0900 Subject: [PATCH 3/5] fix spacing. --- README.md | 126 +++++++++++++++++++++++++++--------------------------- 1 file changed, 63 insertions(+), 63 deletions(-) diff --git a/README.md b/README.md index 905eca3d..cabb0c70 100644 --- a/README.md +++ b/README.md @@ -278,21 +278,21 @@ For the first time, run the blow command to fetch data for entire period. (It ta - Fetch data in the last two years - ```bash - $ go-cve-dictionary fetchnvd -last2y - ``` + ```bash + $ go-cve-dictionary fetchnvd -last2y + ``` - Fetch data of specific years - ```bash - $ go-cve-dictionary fetchnvd -years 2002 2003 2016 - ``` + ```bash + $ go-cve-dictionary fetchnvd -years 2002 2003 2016 + ``` - Fetch NVD data for entire period. - ```bash - for i in `seq 2002 $(date +"%Y")`; do go-cve-dictionary fetchnvd -years $i; done - ``` + ```bash + for i in `seq 2002 $(date +"%Y")`; do go-cve-dictionary fetchnvd -years $i; done + ``` ---- @@ -335,21 +335,21 @@ fetchjvn: - Fetch data for entire period - ```bash - for i in `seq 1998 $(date +"%Y")`; do go-cve-dictionary fetchjvn -years $i; done - ``` + ```bash + for i in `seq 1998 $(date +"%Y")`; do go-cve-dictionary fetchjvn -years $i; done + ``` - Fetch data in the last two years - ```bash - $ go-cve-dictionary fetchjvn -last2y - ``` + ```bash + $ go-cve-dictionary fetchjvn -last2y + ``` - Fetch data for latest - ```bash - $ go-cve-dictionary fetchjvn -latest - ``` + ```bash + $ go-cve-dictionary fetchjvn -latest + ``` ---- @@ -390,79 +390,79 @@ server: - fetchnvd - ```bash - $ go-cve-dictionary fetchnvd -last2y \ - -dbtype mysql \ - -dbpath "user:pass@tcp(localhost:3306)/dbname?parseTime=true" - ``` + ```bash + $ go-cve-dictionary fetchnvd -last2y \ + -dbtype mysql \ + -dbpath "user:pass@tcp(localhost:3306)/dbname?parseTime=true" + ``` - fetchjvn - ```bash - $ go-cve-dictionary fetchjvn -last2y \ - -dbtype mysql \ - -dbpath "user:pass@tcp(localhost:3306)/dbname?parseTime=true" - ``` + ```bash + $ go-cve-dictionary fetchjvn -last2y \ + -dbtype mysql \ + -dbpath "user:pass@tcp(localhost:3306)/dbname?parseTime=true" + ``` - server - ```bash - $ go-cve-dictionary server \ - -dbtype mysql \ - -dbpath "user:pass@tcp(localhost:3306)/dbname?parseTime=true" - ``` + ```bash + $ go-cve-dictionary server \ + -dbtype mysql \ + -dbpath "user:pass@tcp(localhost:3306)/dbname?parseTime=true" + ``` ### Usage: Use Postgres as a DB storage back-end - fetchnvd - ```bash - $ go-cve-dictionary fetchnvd -last2y \ - -dbtype postgres \ - -dbpath "host=myhost user=user dbname=dbname sslmode=disable password=password" - ``` + ```bash + $ go-cve-dictionary fetchnvd -last2y \ + -dbtype postgres \ + -dbpath "host=myhost user=user dbname=dbname sslmode=disable password=password" + ``` - fetchjvn - ```bash - $ go-cve-dictionary fetchjvn -last2y \ - -dbtype postgres \ - -dbpath "host=myhost user=user dbname=dbname sslmode=disable password=password" - ``` + ```bash + $ go-cve-dictionary fetchjvn -last2y \ + -dbtype postgres \ + -dbpath "host=myhost user=user dbname=dbname sslmode=disable password=password" + ``` - server - ```bash - $ go-cve-dictionary server \ - -dbtype postgres \ - -dbpath "host=myhost user=user dbname=dbname sslmode=disable password=password" - ``` + ```bash + $ go-cve-dictionary server \ + -dbtype postgres \ + -dbpath "host=myhost user=user dbname=dbname sslmode=disable password=password" + ``` ### Usage: Use Redis as a DB storage back-end - fetchnvd - ```bash - $ go-cve-dictionary fetchnvd -last2y \ - -dbtype redis \ - -dbpath "redis://localhost/0" - ``` + ```bash + $ go-cve-dictionary fetchnvd -last2y \ + -dbtype redis \ + -dbpath "redis://localhost/0" + ``` - fetchjvn - ```bash - $ go-cve-dictionary fetchjvn -last2y \ - -dbtype redis \ - -dbpath "redis://localhost/0" - ``` + ```bash + $ go-cve-dictionary fetchjvn -last2y \ + -dbtype redis \ + -dbpath "redis://localhost/0" + ``` - server - ```bash - $ go-cve-dictionary server \ - -dbtype redis \ - -dbpath "redis://localhost/0" - ``` + ```bash + $ go-cve-dictionary server \ + -dbtype redis \ + -dbpath "redis://localhost/0" + ``` ---- From cf1eb7580a682d19ba8bc979d7cdb18486ce90e2 Mon Sep 17 00:00:00 2001 From: Yasunari Momoi Date: Tue, 15 Aug 2017 17:48:38 +0900 Subject: [PATCH 4/5] fix fetchnvd and fetchjvn usage --- README.md | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/README.md b/README.md index cabb0c70..d9e6108f 100644 --- a/README.md +++ b/README.md @@ -276,22 +276,22 @@ For the first time, run the blow command to fetch data for entire period. (It ta Refresh NVD data of specific years. ``` -- Fetch data in the last two years +- Fetch data for entire period. ```bash - $ go-cve-dictionary fetchnvd -last2y + for i in `seq 2002 $(date +"%Y")`; do go-cve-dictionary fetchnvd -years $i; done ``` -- Fetch data of specific years +- Fetch data in the last two years ```bash - $ go-cve-dictionary fetchnvd -years 2002 2003 2016 + $ go-cve-dictionary fetchnvd -last2y ``` -- Fetch NVD data for entire period. +- Fetch data of specific years ```bash - for i in `seq 2002 $(date +"%Y")`; do go-cve-dictionary fetchnvd -years $i; done + $ go-cve-dictionary fetchnvd -years 2002 2003 2016 ``` ---- @@ -345,6 +345,12 @@ fetchjvn: $ go-cve-dictionary fetchjvn -last2y ``` +- Fetch data of specific years + + ```bash + $ go-cve-dictionary fetchjvn -years 2002 2003 2016 + ``` + - Fetch data for latest ```bash From 237884d93d7c1611741569ae93a007cbc23057bb Mon Sep 17 00:00:00 2001 From: Kota Kanbe Date: Wed, 16 Aug 2017 09:56:59 +0900 Subject: [PATCH 5/5] Update README.md --- README.md | 19 +++++++------------ 1 file changed, 7 insertions(+), 12 deletions(-) diff --git a/README.md b/README.md index d9e6108f..d7d2771e 100644 --- a/README.md +++ b/README.md @@ -5,8 +5,8 @@ and the Japanese JVN [2], which contain security vulnerabilities according to th CVE identifiers [3] including exhaustive information and a risk score. The local copy is generated in sqlite format, and the tool has a server mode for easy querying. -[1] https://en.wikipedia.org/wiki/National_Vulnerability_Database -[2] https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures +[1] https://en.wikipedia.org/wiki/National_Vulnerability_Database +[2] https://en.wikipedia.org/wiki/Common_Vulnerabilities_and_Exposures [3] http://jvndb.jvn.jp/apis/termsofuse.html ## Installation @@ -474,16 +474,13 @@ server: ## Misc -- HTTP Proxy Support - +- HTTP Proxy Support If your system at behind HTTP proxy, you have to specify -http-proxy option. -- How to daemonize go-cve-dictionary - +- How to daemonize go-cve-dictionary Use Systemd, Upstart or supervisord, daemontools... -- How to update vulnerability data automatically. - +- How to update vulnerability data automatically Use job scheduler like cron (with -last2y or -latest option). - How to cross compile @@ -493,12 +490,10 @@ Use job scheduler like cron (with -last2y or -latest option). $ GOOS=linux GOARCH=amd64 go build -o cvedict.amd64 ``` -- Logging - +- Logging go-cve-dictionary writes a log under -log-path specified directory (default is /var/log/vuls/). -- Debug - +- Debug Run with -debug, -sql-debug option. ----