antfarm 0.3.0 → 0.4.0

data/CHANGELOG

@@ -1,5 +1,14 @@
 ANTFARM CHANGELOG
 
+VERSION 0.4.0
+ * Added support for PostgreSQL database
+ * Added ANTFARM console command, which initializes an IRB console with the ANTFARM environment
+ * Added ANTFARM db --console option, which determines the database adapter being used and executes the appropriate database console command
+ * Added ANTFARM cp-script command, which takes an existing ANTFARM core script and copies it to the user's custom script directory for use as a template
+ * Updated Nmap XML parser script
+ * Added visualization file for the traffic table
+ * Modified the visualization file for networks to leave out traffic data
+
 VERSION 0.3.0
  * Added Prefuse-based vizualization application and script to execute it with
  * Added defaults file so users can specify default environment and log level

data/{README → README.rdoc}

@@ -3,7 +3,8 @@
 ANTFARM is a passive network mapping application that utilizes
 output from existing network examination tools to populate its
 OSI-modeled database.  This data can then be used to form a
-'picture' of the network being analyzed.
+'picture' of the network being analyzed.  This documentation is
+consistent with version 0.3.0 of the ANTFARM software.
 
 == More About ANTFARM
 
@@ -36,6 +37,12 @@ and running with ANTFARM.
 ANTFARM is packaged as a Ruby Gem, so the easiest way to install
 it is to run 'gem install ANTFARM' from the command line.
 
+The default database for ANTFARM is SQLite3, so at a minimum you will
+need libsqlite3-dev installed.  The PostgreSQL database is also
+supported (good for concurrent access), which requires the development
+files for the PostgreSQL server to be installed, as well as the server
+and client software and the postgres Ruby Gem.
+
 === Initialization
 
 ANTFARM can be ran purely from within the Gem environment, but users
@@ -54,6 +61,15 @@ Last, you need to create an actual database to store the data in.
 
   antfarm db --migrate
 
+The above command will work out of the box if the SQLite3 database is used.
+If you intend to use the PostgreSQL database, you must first create a database
+in PostgreSQL.  The name of the database should match the name of the environment
+you wish to use it in.
+
+  su - postgres
+  createuser <username> (you will only have to do this once)
+  createdb antfarm (or whatever environment name you want)
+
 Now you're ready to start parsing files and filling the database!
 
 == Description of Contents
@@ -74,6 +90,19 @@ you do not have to specify it on the command line every time.  This is probably
 also the __safer__ way to go... if you forget one time to pass the <tt>-e</tt>
 argument when using the non-default environment you could corrupt some data!
 
+You can also tell the ANTFARM application to use the PostgreSQL database for
+a particular environment by adding something similar to the following to your
+defaults.yml file:
+
+ <env name>:
+   adapter: postgresql
+
+For example, the following will tell ANTFARM to use the PostgreSQL database for
+the default 'antfarm' environment:
+
+ antfarm:
+   adapter: postgresql
+
 == Example Usage
 
 Scripts are used to input data into the ANTFARM database.  Multiple scripts already
@@ -152,16 +181,21 @@ If you look at <tt>HOME_DIR/.antfarm/config/colors.xml</tt>, you'll see the defa
 this application uses to decide what colors to use for nodes and edges.  Modify this file
 to get the colors you want.
 
-== Brought To You By
-
-Original Project Author: Michael Berg, Sandia National Laboratories <mjberg@sandia.gov>
+== Homepage
 
-Contributing Author: Bryan T. Richardson, Sandia National Laboratories <btricha@sandia.gov>
+http://antfarm.rubyforge.org
 
 == RubyForge Project
 
 http://rubyforge.org/projects/antfarm
 
+== GitHub Project
+
+http://github.com/btrichardson/antfarm
+
+All code development will take place from GitHub.  The latest source code for each
+ANTFARM release will be mirrored at the RubyForge project SCM as well.
+
 == Legal Stuff
 
 Copyright (2008) Sandia Corporation.

data/bin/antfarm

@@ -26,6 +26,7 @@ require 'find'
 require 'ostruct'
 require 'scparse'
 require 'dbmanage'
+require 'cpscript'
 require 'yaml'
 
 if (defined? USER_DIR) && File.exists?("#{USER_DIR}/config/defaults.yml")
@@ -54,6 +55,14 @@ end
 
 app.add_command(SCParse::HelpCommand.new)
 app.add_command(Antfarm::DBManager.new)
+app.add_command(Antfarm::CPScript.new)
+
+version = SCParse::Script.new('version', 'version.rb', false)
+version.set_execution_block do |cmd,args|
+  ARGV.clear
+  load cmd.path
+end
+app.add_command(version)
 
 rails = SCParse::Script.new('rails', 'script/server')
 rails.set_execution_block do |cmd,args|
@@ -66,6 +75,14 @@ rails.set_execution_block do |cmd,args|
 end
 app.add_command(rails)
 
+console = SCParse::Script.new('console', 'console.rb', false)
+console.set_execution_block do |cmd,args|
+  ARGV.clear
+  ARGV << @opts.environment
+  load cmd.path
+end
+app.add_command(console)
+
 # TODO: Take into account situation where a directory
 # in the user's script directory might have the same
 # name as a directory in the application's script
@@ -105,8 +122,16 @@ if defined? USER_DIR
     if File.directory?(path)
       base_name = File.basename(path)
       unless base_name == 'scripts'
+        # Checks to see if the 'custom' command already
+        # exists, and if not, creates one.
+        # Not doing this up front so a custom command
+        # will only be created if custom scripts exist.
+        if (custom = app.has_command?('custom')) == nil
+          custom = SCParse::Command.new('custom')
+          app.add_command(custom)
+        end
         command = SCParse::Command.new(base_name)
-        app.add_command(command)
+        custom.add_command(command)
         sub_commands[base_name] = command
       end
     elsif File.file?(path) && path =~ /rb$/
@@ -119,7 +144,16 @@ if defined? USER_DIR
         load cmd.path
       end
       if dir == 'scripts'
-        app.add_command(script)
+        # Checks to see if the 'custom' command already
+        # exists, and if not, creates one. Not doing this
+        # up front so a custom command will only be created
+        # if custom scripts exist.
+        if (custom = app.has_command?('custom')) == nil
+          custom = SCParse::Command.new('custom')
+          app.add_command(custom)
+          sub_commands['custom'] = custom
+        end
+        custom.add_command(script)
       else
         sub_commands[dir].add_command(script)
       end
@@ -130,8 +164,7 @@ end
 def bootstrap
   ENV['ANTFARM_ENV'] = @opts.environment
   ENV['ANTFARM_LOG_LEVEL'] = @opts.log_level
-  require ANTFARM_ROOT + "/config/environment"
+  require "#{ANTFARM_ROOT}/config/environment"
 end
 
 app.parse!
-

data/db/migrate/010_create_dns_entries.rb

@@ -0,0 +1,32 @@
+# Copyright (2008) Sandia Corporation.
+# Under the terms of Contract DE-AC04-94AL85000 with Sandia Corporation,
+# the U.S. Government retains certain rights in this software.
+#
+# Original Author: Bryan T. Richardson, Sandia National Laboratories <btricha@sandia.gov>
+#
+# This library is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or (at
+# your option) any later version.
+#
+# This library is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+# details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this library; if not, write to the Free Software Foundation, Inc.,
+# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 
+
+class CreateDnsEntries < ActiveRecord::Migration
+  def self.up
+    create_table :dns_entries do |t|
+      t.string :address
+      t.string :hostname
+    end
+  end
+
+  def self.down
+    drop_table :dns_entries
+  end
+end

data/db/migrate/011_create_actions.rb

@@ -0,0 +1,34 @@
+# Copyright (2008) Sandia Corporation.
+# Under the terms of Contract DE-AC04-94AL85000 with Sandia Corporation,
+# the U.S. Government retains certain rights in this software.
+#
+# Original Author: Bryan T. Richardson, Sandia National Laboratories <btricha@sandia.gov>
+#
+# This library is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or (at
+# your option) any later version.
+#
+# This library is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+# details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this library; if not, write to the Free Software Foundation, Inc.,
+# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 
+
+class CreateActions < ActiveRecord::Migration
+  def self.up
+    create_table :actions do |t|
+      t.string :tool
+      t.string :description
+      t.string :start
+      t.string :end
+    end
+  end
+
+  def self.down
+    drop_table :actions
+  end
+end

data/db/migrate/012_create_services.rb

@@ -0,0 +1,36 @@
+# Copyright (2008) Sandia Corporation.
+# Under the terms of Contract DE-AC04-94AL85000 with Sandia Corporation,
+# the U.S. Government retains certain rights in this software.
+#
+# Original Author: Bryan T. Richardson, Sandia National Laboratories <btricha@sandia.gov>
+#
+# This library is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or (at
+# your option) any later version.
+#
+# This library is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+# details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this library; if not, write to the Free Software Foundation, Inc.,
+# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 
+
+class CreateServices < ActiveRecord::Migration
+  def self.up
+    create_table :services do |t|
+      t.float      :certainty_factor, :null => false
+      t.references :node
+      t.references :action
+      t.string     :protocol
+      t.integer    :port
+      t.string     :name
+    end
+  end
+
+  def self.down
+    drop_table :services
+  end
+end

data/db/migrate/013_create_operating_systems.rb

@@ -0,0 +1,34 @@
+# Copyright (2008) Sandia Corporation.
+# Under the terms of Contract DE-AC04-94AL85000 with Sandia Corporation,
+# the U.S. Government retains certain rights in this software.
+#
+# Original Author: Bryan T. Richardson, Sandia National Laboratories <btricha@sandia.gov>
+#
+# This library is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or (at
+# your option) any later version.
+#
+# This library is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+# details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this library; if not, write to the Free Software Foundation, Inc.,
+# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 
+
+class CreateOperatingSystems < ActiveRecord::Migration
+  def self.up
+    create_table :operating_systems do |t|
+      t.float      :certainty_factor, :null => false
+      t.references :node
+      t.references :action
+      t.text       :fingerprint
+    end
+  end
+
+  def self.down
+    drop_table :operating_systems
+  end
+end

data/db/schema.rb

@@ -1,25 +1,5 @@
-# Copyright (2008) Sandia Corporation.
-# Under the terms of Contract DE-AC04-94AL85000 with Sandia Corporation,
-# the U.S. Government retains certain rights in this software.
-#
-# Original Author: Bryan T. Richardson, Sandia National Laboratories <btricha@sandia.gov>
-#
-# This library is free software; you can redistribute it and/or modify it
-# under the terms of the GNU Lesser General Public License as published by
-# the Free Software Foundation; either version 2.1 of the License, or (at
-# your option) any later version.
-#
-# This library is distributed in the hope that it will be useful, but WITHOUT
-# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
-# details.
-#
-# You should have received a copy of the GNU Lesser General Public License
-# along with this library; if not, write to the Free Software Foundation, Inc.,
-# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 
-
 # This file is auto-generated from the current state of the database. Instead of editing this file, 
-# please use the migrations feature of ActiveRecord to incrementally modify your database, and
+# please use the migrations feature of Active Record to incrementally modify your database, and
 # then regenerate this schema definition.
 #
 # Note that this schema.rb definition is the authoritative source for your database schema. If you need
@@ -29,7 +9,19 @@
 #
 # It's strongly recommended to check this file into your version control system.
 
-ActiveRecord::Schema.define(:version => 9) do
+ActiveRecord::Schema.define(:version => 13) do
+
+  create_table "actions", :force => true do |t|
+    t.string "tool"
+    t.string "description"
+    t.string "start"
+    t.string "end"
+  end
+
+  create_table "dns_entries", :force => true do |t|
+    t.string "address"
+    t.string "hostname"
+  end
 
   create_table "ethernet_interfaces", :force => true do |t|
     t.string "address", :null => false
@@ -69,10 +61,26 @@ ActiveRecord::Schema.define(:version => 9) do
     t.string "device_type"
   end
 
+  create_table "operating_systems", :force => true do |t|
+    t.float   "certainty_factor", :null => false
+    t.integer "node_id"
+    t.integer "action_id"
+    t.text    "fingerprint"
+  end
+
   create_table "private_networks", :force => true do |t|
     t.string "description"
   end
 
+  create_table "services", :force => true do |t|
+    t.float   "certainty_factor", :null => false
+    t.integer "node_id"
+    t.integer "action_id"
+    t.string  "protocol"
+    t.integer "port"
+    t.string  "name"
+  end
+
   create_table "traffic", :force => true do |t|
     t.string  "description"
     t.integer "port",                       :default => 0, :null => false

data/lib/antfarm.rb

@@ -30,6 +30,10 @@ require 'antfarm/layer3_network'
 require 'antfarm/node'
 require 'antfarm/private_network'
 require 'antfarm/traffic'
+require 'antfarm/dns_entry'
+require 'antfarm/action'
+require 'antfarm/service'
+require 'antfarm/operating_system'
 
 module Antfarm
 

data/lib/antfarm/action.rb

@@ -0,0 +1,29 @@
+# Copyright (2008) Sandia Corporation.
+# Under the terms of Contract DE-AC04-94AL85000 with Sandia Corporation,
+# the U.S. Government retains certain rights in this software.
+#
+# Original Author: Bryan T. Richardson, Sandia National Laboratories <btricha@sandia.gov>
+# Derived From: code written by Michael Berg <mjberg@sandia.gov>
+#
+# This library is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or (at
+# your option) any later version.
+#
+# This library is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+# details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this library; if not, write to the Free Software Foundation, Inc.,
+# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 
+
+class Action < ActiveRecord::Base
+  has_many :operating_systems
+  has_many :services
+
+  def to_label
+    return tool
+  end
+end

data/lib/antfarm/dns_entry.rb

@@ -0,0 +1,23 @@
+# Copyright (2008) Sandia Corporation.
+# Under the terms of Contract DE-AC04-94AL85000 with Sandia Corporation,
+# the U.S. Government retains certain rights in this software.
+#
+# Original Author: Bryan T. Richardson, Sandia National Laboratories <btricha@sandia.gov>
+# Derived From: code written by Michael Berg <mjberg@sandia.gov>
+#
+# This library is free software; you can redistribute it and/or modify it
+# under the terms of the GNU Lesser General Public License as published by
+# the Free Software Foundation; either version 2.1 of the License, or (at
+# your option) any later version.
+#
+# This library is distributed in the hope that it will be useful, but WITHOUT
+# ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
+# FOR A PARTICULAR PURPOSE. See the GNU Lesser General Public License for more
+# details.
+#
+# You should have received a copy of the GNU Lesser General Public License
+# along with this library; if not, write to the Free Software Foundation, Inc.,
+# 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA 
+
+class DnsEntry < ActiveRecord::Base
+end