Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

After update buffer overflow detected. #23

Open
huntson opened this issue Aug 9, 2024 · 0 comments
Open

After update buffer overflow detected. #23

huntson opened this issue Aug 9, 2024 · 0 comments

Comments

@huntson
Copy link

huntson commented Aug 9, 2024

After doing a docker pull for the latest version of ntop-ng, without changing anything else, I am not getting a buffer overflow error. See below for an excerpt from logs

09/Aug/2024 23:29:09 [main.cpp:266] Unable to open interface eth3 [97]: PF_RING not loaded. Falling back to pcap. 09/Aug/2024 23:29:09 [PcapInterface.cpp:111] Reading packets from [id: 2] 09/Aug/2024 23:29:09 [Ntop.cpp:2685] Registered interface eth3 [id: 2] 09/Aug/2024 23:29:09 [NetworkInterface.cpp:3757] Cleanup interface eth2 09/Aug/2024 23:29:09 [main.cpp:266] Unable to open interface eth2 [97]: PF_RING not loaded. Falling back to pcap. 09/Aug/2024 23:29:09 [PcapInterface.cpp:111] Reading packets from [id: 3] 09/Aug/2024 23:29:09 [Ntop.cpp:2685] Registered interface eth2 [id: 3] 09/Aug/2024 23:29:09 [NetworkInterface.cpp:3757] Cleanup interface eth0 09/Aug/2024 23:29:09 [main.cpp:266] Unable to open interface eth0 [97]: PF_RING not loaded. Falling back to pcap. 09/Aug/2024 23:29:09 [PcapInterface.cpp:111] Reading packets from [id: 4] 09/Aug/2024 23:29:09 [Ntop.cpp:2685] Registered interface eth0 [id: 4] 09/Aug/2024 23:29:09 [NetworkInterface.cpp:3757] Cleanup interface eth1 09/Aug/2024 23:29:09 [main.cpp:266] Unable to open interface eth1 [97]: PF_RING not loaded. Falling back to pcap. 09/Aug/2024 23:29:09 [PcapInterface.cpp:111] Reading packets from [id: 5] 09/Aug/2024 23:29:09 [Ntop.cpp:2685] Registered interface eth1 [id: 5] 09/Aug/2024 23:29:09 [NetworkInterface.cpp:3757] Cleanup interface br-231dd8573e17 09/Aug/2024 23:29:09 [main.cpp:266] Unable to open interface br-231dd8573e17 [97]: PF_RING not loaded. Falling back to pcap. 09/Aug/2024 23:29:09 [PcapInterface.cpp:111] Reading packets from [id: 6] 09/Aug/2024 23:29:09 [Utils.cpp:2757] ERROR: Cannot get hw addr for br-231dd8573e1 09/Aug/2024 23:29:09 [Ntop.cpp:2685] Registered interface br-231dd8573e17 [id: 6] 09/Aug/2024 23:29:09 [NetworkInterface.cpp:3757] Cleanup interface br-288f3fd3b8e2 09/Aug/2024 23:29:09 [main.cpp:266] Unable to open interface br-288f3fd3b8e2 [97]: PF_RING not loaded. Falling back to pcap. 09/Aug/2024 23:29:09 [PcapInterface.cpp:111] Reading packets from [id: 7] 09/Aug/2024 23:29:09 [Utils.cpp:2757] ERROR: Cannot get hw addr for br-288f3fd3b8e 09/Aug/2024 23:29:09 [Ntop.cpp:2685] Registered interface br-288f3fd3b8e2 [id: 7] 09/Aug/2024 23:29:09 [NetworkInterface.cpp:3757] Cleanup interface br-43eec5a2893e 09/Aug/2024 23:29:09 [main.cpp:266] Unable to open interface br-43eec5a2893e [97]: PF_RING not loaded. Falling back to pcap. 09/Aug/2024 23:29:09 [PcapInterface.cpp:111] Reading packets from [id: 8] 09/Aug/2024 23:29:09 [Utils.cpp:2757] ERROR: Cannot get hw addr for br-43eec5a2893 09/Aug/2024 23:29:09 [Ntop.cpp:2685] Registered interface br-43eec5a2893e [id: 8] 09/Aug/2024 23:29:09 [main.cpp:370] PID stored in file /var/run/ntopng.pid 09/Aug/2024 23:29:09 [Geolocation.cpp:170] Loaded database dbip-city-lite.mmdb [/usr/share/ntopng/httpdocs/geoip//dbip-city-lite.mmdb][ip_version: 6] 09/Aug/2024 23:29:09 [Geolocation.cpp:170] Loaded database dbip-asn-lite.mmdb [/usr/share/ntopng/httpdocs/geoip//dbip-asn-lite.mmdb][ip_version: 6] 09/Aug/2024 23:29:09 [Geolocation.cpp:109] Using geolocation provided by DB-IP (https://db-ip.com) 09/Aug/2024 23:29:09 [HTTPserver.cpp:1642] Found TLS certificate /usr/share/ntopng/httpdocs/ssl/ntopng-cert.pem 09/Aug/2024 23:29:09 [HTTPserver.cpp:1933] Web server dirs [/usr/share/ntopng/httpdocs][/usr/share/ntopng/scripts] 09/Aug/2024 23:29:09 [HTTPserver.cpp:1938] HTTP server listening on 3000 09/Aug/2024 23:29:09 [Utils.cpp:3882] WARNING: Capabilities cap_set_proc error: Operation not permitted 09/Aug/2024 23:29:09 [Utils.cpp:813] WARNING: Unable to retain privileges for privileged file writing 09/Aug/2024 23:29:10 [Utils.cpp:860] User changed to ntopng 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3529] Started host user script hooks loop on interface lo [id: 1]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3469] Started flow user script hooks loop on interface lo [id: 1]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3469] Started flow user script hooks loop on interface eth3 [id: 2]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3529] Started host user script hooks loop on interface eth3 [id: 2]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3469] Started flow user script hooks loop on interface eth2 [id: 3]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3529] Started host user script hooks loop on interface eth2 [id: 3]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3469] Started flow user script hooks loop on interface eth0 [id: 4]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3529] Started host user script hooks loop on interface eth0 [id: 4]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3469] Started flow user script hooks loop on interface eth1 [id: 5]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3529] Started host user script hooks loop on interface eth1 [id: 5]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3469] Started flow user script hooks loop on interface br-231dd8573e17 [id: 6]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3529] Started host user script hooks loop on interface br-231dd8573e17 [id: 6]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3469] Started flow user script hooks loop on interface br-288f3fd3b8e2 [id: 7]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3529] Started host user script hooks loop on interface br-288f3fd3b8e2 [id: 7]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3469] Started flow user script hooks loop on interface br-43eec5a2893e [id: 8]... 09/Aug/2024 23:29:10 [NetworkInterface.cpp:3529] Started host user script hooks loop on interface br-43eec5a2893e [id: 8]... 09/Aug/2024 23:29:10 [main.cpp:445] Working directory: /var/lib/ntopng 09/Aug/2024 23:29:10 [main.cpp:447] Scripts/HTML pages directory: /usr/share/ntopng 09/Aug/2024 23:29:10 [Ntop.cpp:523] Welcome to ntopng x86_64 v.6.0.240531 (6.0-stable:93cb51d01a0f03d12c8503ae03e7936708e71ece:20240531) 09/Aug/2024 23:29:10 [Ntop.cpp:532] Built on Ubuntu 22.04.4 LTS 09/Aug/2024 23:29:10 [Ntop.cpp:534] (C) 1998-23 ntop 09/Aug/2024 23:29:10 [Ntop.cpp:945] Adding 127.0.0.1/32 as IPv4 interface address for lo 09/Aug/2024 23:29:10 [Ntop.cpp:956] Adding 127.0.0.0/8 as IPv4 local network for lo 09/Aug/2024 23:29:10 [Ntop.cpp:3583] WARNING: Unable to parse network 127.0.0.0/8 or already defined: skipping it 09/Aug/2024 23:29:10 [Ntop.cpp:945] Adding 172.29.36.1/32 as IPv4 interface address for br-231dd8573e17 09/Aug/2024 23:29:10 [Ntop.cpp:956] Adding 172.29.36.0/22 as IPv4 local network for br-231dd8573e17 09/Aug/2024 23:29:10 [Ntop.cpp:945] Adding 172.29.48.1/32 as IPv4 interface address for br-288f3fd3b8e2 09/Aug/2024 23:29:10 [Ntop.cpp:956] Adding 172.29.48.0/22 as IPv4 local network for br-288f3fd3b8e2 09/Aug/2024 23:29:10 [Ntop.cpp:945] Adding 172.29.40.1/32 as IPv4 interface address for br-43eec5a2893e 09/Aug/2024 23:29:10 [Ntop.cpp:956] Adding 172.29.40.0/22 as IPv4 local network for br-43eec5a2893e 09/Aug/2024 23:29:10 [Ntop.cpp:981] Adding ::1/128 as IPv6 interface address for lo 09/Aug/2024 23:29:10 [Ntop.cpp:993] Adding ::1/128 as IPv6 local network for lo 09/Aug/2024 23:29:10 [PeriodicActivities.cpp:108] Started periodic activities loop... 09/Aug/2024 23:29:10 [startup.lua:38] Processing startup.lua: please hold on... 09/Aug/2024 23:29:10 [startup.lua:121] [lists_utils.lua:831] Refreshing category lists... 09/Aug/2024 23:29:10 [startup.lua:121] [lists_utils.lua:417] Updating list 'Abuse.ch URLhaus' [https://urlhaus.abuse.ch/downloads/hostfile/]... OK 09/Aug/2024 23:29:10 [startup.lua:121] [lists_utils.lua:417] Updating list 'Emerging Threats' [https://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt]... OK 09/Aug/2024 23:29:10 [startup.lua:121] [lists_utils.lua:417] Updating list 'NoCoin Filter List' [https://raw.githubusercontent.com/hoshsadiq/adblock-nocoin-list/master/hosts.txt]... OK 09/Aug/2024 23:29:10 [startup.lua:121] [lists_utils.lua:417] Updating list 'SSLBL Botnet C2 IP Blacklist' [https://sslbl.abuse.ch/blacklist/sslipblacklist.txt]... OK 09/Aug/2024 23:29:11 [startup.lua:121] [lists_utils.lua:417] Updating list 'Stratosphere Lab' [https://mcfp.felk.cvut.cz/publicDatasets/CTU-AIPP-BlackList/Todays-Blacklists/AIP_historical_blacklist_prioritized_by_newest_attackers.csv]... OK 09/Aug/2024 23:29:11 [startup.lua:121] [lists_utils.lua:417] Updating list 'ThreatFox' [https://threatfox.abuse.ch/downloads/hostfile/]... OK 09/Aug/2024 23:29:11 [startup.lua:121] [lists_utils.lua:417] Updating list 'dshield 7 days' [https://raw.githubusercontent.com/firehol/blocklist-ipsets/master/dshield_7d.netset]... OK 09/Aug/2024 23:29:11 [startup.lua:121] [lists_utils.lua:466] Failure loading host 'ip' category '100' in list 'Stratosphere Lab' 09/Aug/2024 23:29:11 [startup.lua:121] [lists_utils.lua:753] Category Lists (7592 hosts, 11944 IPs, 0 JA3) loaded in 0 sec 09/Aug/2024 23:29:11 [startup.lua:125] Initializing device polices... 09/Aug/2024 23:29:11 [startup.lua:141] Initializing alerts... 09/Aug/2024 23:29:11 [startup.lua:150] Initializing timeseries... 09/Aug/2024 23:29:11 [startup.lua:217] [blog_utils.lua:125] Fetching latest ntop blog posts... 09/Aug/2024 23:29:12 [startup.lua:242] Completed startup.lua 09/Aug/2024 23:29:12 [PeriodicActivities.cpp:167] Found 10 activities 09/Aug/2024 23:29:12 [NetworkInterface.cpp:3720] Started packet polling on interface lo [id: 1]... 09/Aug/2024 23:29:12 [NetworkInterface.cpp:3720] Started packet polling on interface eth3 [id: 2]... 09/Aug/2024 23:29:12 [NetworkInterface.cpp:3720] Started packet polling on interface eth2 [id: 3]... 09/Aug/2024 23:29:12 [NetworkInterface.cpp:3720] Started packet polling on interface eth0 [id: 4]... 09/Aug/2024 23:29:12 [NetworkInterface.cpp:3720] Started packet polling on interface eth1 [id: 5]... 09/Aug/2024 23:29:12 [NetworkInterface.cpp:3720] Started packet polling on interface br-231dd8573e17 [id: 6]... 09/Aug/2024 23:29:12 [NetworkInterface.cpp:3720] Started packet polling on interface br-288f3fd3b8e2 [id: 7]... 09/Aug/2024 23:29:12 [NetworkInterface.cpp:3720] Started packet polling on interface br-43eec5a2893e [id: 8]... *** buffer overflow detected ***: terminated /run.sh: line 3: 16 Aborted ntopng "$@" $NTOP_CONFIG

Docker compose command

version: '3.9'
services: 
 ntopng:
    hostname: ntopng
    image: ntop/ntopng:stable
    container_name: ntopng
    mem_limit: 4g
    cpu_shares: 768
    security_opt:
      - no-new-privileges:true
    restart: on-failure:5
    volumes:
      - '/share/ZFS20_DATA/docker/ntop-ng/config:/var/lib/ntopng'
    network_mode: host
    command: --community
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@huntson