Research
Security News
Malicious npm Package Targets Solana Developers and Hijacks Funds
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
github.com/maxmind/geoipupdate/v4
The GeoIP Update program performs automatic updates of GeoIP2 and GeoLite2 binary databases. CSV databases are not supported.
We provide releases for Linux, macOS (darwin), and Windows. Please see the Releases tab for the latest release.
After you install GeoIP Update, please refer to our documentation for information about configuration.
If you're upgrading from GeoIP Update 3.x, please see our upgrade guide.
Download and extract the appropriate tarball for your system. You will end
up with a directory named something like geoipupdate_4.0.0_linux_amd64
depending on the version and architecture.
Copy geoipupdate
to where you want it to live. To install it to
/usr/local/bin/geoipupdate
, run the equivalent of sudo cp geoipupdate_4.0.0_linux_amd64/geoipupdate /usr/local/bin
.
geoipupdate
looks for the config file /usr/local/etc/GeoIP.conf
by
default.
MaxMind provides a PPA for recent versions of Ubuntu. To add the PPA to your sources, run:
$ sudo add-apt-repository ppa:maxmind/ppa
Then install geoipupdate
by running:
$ sudo apt update
$ sudo apt install geoipupdate
You can also use the tarball.
Download the appropriate .deb for your system.
Run dpkg -i path/to/geoipupdate_4.0.0_linux_amd64.deb
(replacing the
version number and architecture as necessary). You will need to be root.
For Ubuntu you can prefix the command with sudo
. This will install
geoipupdate
to /usr/bin/geoipupdate
.
geoipupdate
looks for the config file /etc/GeoIP.conf
by default.
You can also use the tarball.
Download the appropriate .rpm for your system.
Run rpm -Uvhi path/to/geoipupdate_4.0.0_linux_amd64.rpm
(replacing the
version number and architecture as necessary). You will need to be root.
This will install geoipupdate
to /usr/bin/geoipupdate
.
geoipupdate
looks for the config file /etc/GeoIP.conf
by default.
This is the same as installing on Linux via the tarball, except choose a tarball with "darwin" in the name.
If you are on macOS and you have Homebrew you can install
geoipupdate
via brew
$ brew install geoipupdate
Download and extract the appropriate zip for your system. You will end up
with a directory named something like geoipupdate_4.0.0_windows_amd64
depending on the version and architecture.
Copy geoipupdate.exe
to where you want it to live.
geoipupdate
looks for the config file
\ProgramData\MaxMind/GeoIPUpdate\GeoIP.conf
on your system drive by
default.
Please see our Docker documentation.
You need the Go compiler (1.13+). You can get it at the Go website.
The easiest way is via go get
:
$ env GO111MODULE=on go get -u github.com/maxmind/geoipupdate/v4/cmd/geoipupdate
This installs geoipupdate
to $GOPATH/bin/geoipupdate
.
Please see our online guide for directions on how to configure GeoIP Update.
See our documentation for the geoipupdate
program
and the GeoIP.conf
configuration file.
We define default paths for the config file and database directory. If these defaults are not appropriate for you, you can change them at build time using flags:
go build -ldflags "-X main.defaultConfigFile=/etc/GeoIP.conf \
-X main.defaultDatabaseDirectory=/usr/share/GeoIP"
Please report bugs by filing an issue with our GitHub issue tracker.
This software is Copyright (c) 2018 - 2023 by MaxMind, Inc.
This is free software, licensed under the Apache License, Version 2.0 or the MIT License, at your option.
FAQs
Unknown package
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
A malicious npm package targets Solana developers, rerouting funds in 2% of transactions to a hardcoded address.
Security News
Research
Socket researchers have discovered malicious npm packages targeting crypto developers, stealing credentials and wallet data using spyware delivered through typosquats of popular cryptographic libraries.
Security News
Socket's package search now displays weekly downloads for npm packages, helping developers quickly assess popularity and make more informed decisions.