Skip to content

Configuration

Jump to bottom
danieljampen edited this page Jul 17, 2019 · 8 revisions

Structure

There are two main parts of the configuration file. The first part MULTIAV configures general options of the MultiAV:Extended tool. The second part addresses the plugins to use where each plugin has its own section like PLUGIN-A.

#=============================
# General Settings Part
[MULTIAV]
VARIABLE=VALUE
...
#=============================
## Scan Strategy Settings Part
SCAN_STRATEGY=VALUE
....

#=============================
## Plugin Configuration Part
[PLUGIN-A]
VARIABLE=VALUE
...
[PLUGIN-B]
VARIABLE=VALUE
...

MULTIAV:Extended configuration

General Settings

The first part of this section sets multiple configs which MultiAV:Extended requires regardless of the used scan strategy (configured later). The default options are the following:

[MULTIAV]
INITIAL_SCAN_TIME_AVERAGE=20
DOCKER_NETWORK_NO_INTERNET=10.192.212.0/24
DOCKER_NETWORK_NO_INTERNET_NAME=multiav-no-internet-bridge
DOCKER_NETWORK_INTERNET=10.168.137.0/24
DOCKER_NETWORK_INTERNET_NAME=multiav-internet-bridge
  • INITIAL_SCAN_TIME_AVERAGE: MultiAV:Extended tracks how long scans take on average. This is used to calculate multiple metrics depending on the scan strategy in use. This config defines the initial value in seconds.
  • DOCKER_NETWORK_NO_INTERNET: Defines the subnet to use for the docker network without internet access. Use the CDIR notation to define the networks base address and subnet mask.
  • DOCKER_NETWORK_NO_INTERNET_NAME: Defines the name of the docker network without internet access.
  • DOCKER_NETWORK_INTERNET: Defines the subnet to use for the docker network with internet access. Use the CDIR notation to define the networks base address and subnet mask.
  • DOCKER_NETWORK_INTERNET_NAME: Defines the name of the docker network with internet access.

Scan Strategy Settings

MultiAV:Extended supports three scan strategies. A scan strategy refers to the way the program handles the scan tasks and dispatches them. The following list briefly describes the strategies:

  • Local-No-Limit Strategy: MultiAV will create as much containers as required to execute all tasks simultaneously on the local system. This behavior could overload the system when too many scans are executed in parallel.
  • Local-Limit Strategy: The tasks will be dispached locally similar to the local-no-limit strategy. However, the strategy implements a queue in which each task is added on creation. You are able to define the maximal amount of containers and scans per container MultiAV is allowed to create. This allows to define boundaries to prevent overloading problems as possible with the local-no-limit strategy.
  • Auto-Scale Strategy:

Local-No-Limit Strategy

SCAN_STRATEGY=local-no-limit
MAX_SCANS_PER_CONTAINER=1

Local-Limit Strategy

SCAN_STRATEGY=local-limit
MAX_CONTAINERS = 8
MAX_SCANS_PER_CONTAINER=1

Auto-Scale Strategy

SCAN_STRATEGY=auto-scale
EXPECTED_MACHINE_STARTUP_TIME=130
MINIMAL_MACHINE_RUN_TIME=480
MIN_MACHINES=1
MAX_MACHINES=16
MAX_SCANS_PER_CONTAINER=1
MAX_CONTAINERS_PER_MACHINE=8
CMD_DOCKER_MACHINE_CREATE=

Plugin Configuration

PLUGIN_ID=10
#DOCKER_BUILD_URL_OVERRIDE=
DISABLED=1

(c) 2019 Daniel Jampen, ZHAW

Clone this wiki locally