RubyGems - dvash - Versions diffs - 0.1.0 → 0.1.1 - Mend

dvash 0.1.0 → 0.1.1

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (18) hide show

data/LICENSE +674 -0
data/bin/dvash +0 -2
data/dvash.gemspec +12 -23
data/lib/dvash.rb +12 -21
data/lib/dvash/application.rb +32 -49
data/lib/dvash/core.rb +96 -116
data/lib/dvash/honeyports/ipv4/http.rb +26 -37
data/lib/dvash/honeyports/ipv4/rdp.rb +26 -37
data/lib/dvash/honeyports/ipv4/ssh.rb +26 -37
data/lib/dvash/honeyports/ipv4/telnet.rb +26 -37
data/lib/dvash/honeyports/ipv6/http.rb +26 -37
data/lib/dvash/honeyports/ipv6/rdp.rb +26 -37
data/lib/dvash/honeyports/ipv6/ssh.rb +26 -37
data/lib/dvash/os/linux.rb +42 -64
data/lib/dvash/os/mac.rb +24 -28
data/lib/dvash/os/windows.rb +23 -24
metadata +5 -21
data/etc/dvash-baseline.conf +0 -48

data/lib/dvash/os/mac.rb CHANGED

@@ -1,34 +1,30 @@
 module Dvash
+  #
+  # Used by Mac OS X systems to leverage ipfw for blocking all of the peoples
+  #
+  class Mac < Core
-	class Mac < Core
+    def initialize
+      # Make sure we have binaries for ipfw using the paths
+      # set in the configuration file
+      unless File.exist?(@@cfgfile['ipfw']['ipfw'])
+        # TODO: Use [logger] gem to output debug information
+        puts "can't find ipfw"
+        exit
+      end
+    end
-		def initialize
-			#
-			# Check to make sure we have binaries for ipfw using the paths
-			# set in the configuration file
-			#
-			unless File.exist?(@@cfgfile['ipfw']['ipfw'])
-				# TODO: Use 'logger' gem to output debug information
-				puts "can't find ipfw"
-				exit
-			end
-		end
+    def block_ip(address)
+      # Block the client IP address using ipfw binaries set in the conf file
+      if IPAddr.new("#{address}").ipv4? then
+        system("#{@@cfgfile['ipfw']['ipfw']} -q add deny all from #{address} to any")
+      end
-		def block_ip(address)
-			#
-			# Block the client IP address using ipfw binaries set in the configuration file
-			#
-			if IPAddr.new("#{address}").ipv4? then
-				system("#{@@cfgfile['ipfw']['ipfw']} -q add deny all from #{address} to any")
-			end
+      # Block the client IP address using ip6fw binaries set in the conf file
+      if IPAddr.new("#{address}").ipv6? then
+        system("#{@@cfgfile['ipfw']['ip6fw']} -q add deny all from #{address} to any")
+      end
+    end
-			#
-			# Block the client IP address using ip6fw binaries set in the configuration file
-			#
-			if IPAddr.new("#{address}").ipv6? then
-				system("#{@@cfgfile['ipfw']['ip6fw']} -q add deny all from #{address} to any")
-			end
-		end
-	end
+  end
 end

data/lib/dvash/os/windows.rb CHANGED

@@ -1,30 +1,29 @@
 module Dvash
-	class Windows < Core
+  #
+  # Used by Windows systems to leverage route command for blocking all of the peoples
+  #
+  class Windows < Core
-		def block_ip(address)
-			#
-			# Windows XP/Server 2003 compatible but we don't have a way to determine
-			# what version of Windows is running, so we assume the newer versions
-			#
-			# system("route add #{address} mask 255.255.255.255 10.255.255.255 metric 1 -p")
+    def block_ip(address)
+      # Windows XP/Server 2003 compatible but we don't have a way to determine
+      # what version of Windows is running, so we assume the newer versions
+      # we're going to leave this here for now in case sometime in the future
+      # we can figure out how to determine the differenc between WinXP/2003 and Win7
+      #
+      # system("route add #{address} mask 255.255.255.255 10.255.255.255 metric 1 -p")
-			#
-			# Windows 7/Server 2008 and newer compatible (IPv4)
-			# Blackholes the client IP address by routing traffic to a null route
-			#
-			if IPAddr.new("#{address}").ipv4? then
-				system("route add #{address} mask 255.255.255.255 10.255.255.255 if 1 -p")
-			end
+      # Windows 7/Server 2008 and newer compatible (IPv4)
+      # Blackholes the client IP address by routing traffic to a null route
+      if IPAddr.new("#{address}").ipv4? then
+        system("route add #{address} mask 255.255.255.255 10.255.255.255 if 1 -p")
+      end
-			#
-			# Windows 7/Server 2008 and newer compatible (IPv6)
-			# Blackholes the client IP address by routing traffic to localhost
-			#
-			if IPAddr.new("#{address}").ipv6? then
-				system("netsh interface ipv6 add route #{address} \"Local Area Connection\" ::1")
-			end
-		end
+      # Windows 7/Server 2008 and newer compatible (IPv6)
+      # Blackholes the client IP address by routing traffic to localhost
+      if IPAddr.new("#{address}").ipv6? then
+        system("netsh interface ipv6 add route #{address} \"Local Area Connection\" ::1")
+      end
+    end
-	end
+  end
 end

metadata CHANGED

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: dvash
 version: !ruby/object:Gem::Version
-  version: 0.1.0
+  version: 0.1.1
   prerelease:
 platform: ruby
 authors:
@@ -9,7 +9,7 @@ authors:
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2013-05-02 00:00:00.000000000 Z
+date: 2013-07-21 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: parseconfig
@@ -27,22 +27,6 @@ dependencies:
     - - ~>
       - !ruby/object:Gem::Version
         version: '1.0'
-- !ruby/object:Gem::Dependency
-  name: bundler
-  requirement: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: '1.3'
-  type: :runtime
-  prerelease: false
-  version_requirements: !ruby/object:Gem::Requirement
-    none: false
-    requirements:
-    - - ~>
-      - !ruby/object:Gem::Version
-        version: '1.3'
 description: Part honeypot, part defense system.  Opens up ports and simulates services
   in order to look like an attractive target.  Hosts that try to connect to the fake
   services are considered attackers and blocked from all access.
@@ -52,7 +36,7 @@ executables:
 extensions: []
 extra_rdoc_files: []
 files:
-- etc/dvash-baseline.conf
+- lib/dvash/application.rb
 - lib/dvash/honeyports/ipv4/http.rb
 - lib/dvash/honeyports/ipv4/rdp.rb
 - lib/dvash/honeyports/ipv4/ssh.rb
@@ -63,13 +47,13 @@ files:
 - lib/dvash/os/linux.rb
 - lib/dvash/os/mac.rb
 - lib/dvash/os/windows.rb
-- lib/dvash/application.rb
 - lib/dvash/core.rb
 - lib/dvash.rb
+- bin/dvash
 - dvash.gemspec
 - Gemfile
 - README.md
-- bin/dvash
+- LICENSE
 homepage: http://github.com/codemunchies/dvash
 licenses:
 - GPL-3

data/etc/dvash-baseline.conf DELETED

@@ -1,48 +0,0 @@
-###############################################################################
-#
-#  Dvash Configuration File
-#
-###############################################################################
-###############################################################################
-#
-#  Honeyports are listed here according to the filename of the module in the
-#  honeyports path.  Dvash will automatically look for the honeyport load it
-#  if it is enabled here.
-#
-#  Enabled:
-#  ipv4_http = true
-#
-#  Disabled:
-#  ipv4_http = false
-#
-###############################################################################
-[honeyports]
-ipv4_http = true
-ipv4_ssh = false
-ipv4_rdp = false
-ipv4_telnet = false
-ipv6_http = false
-ipv6_ssh = false
-ipv6_rdp = false
-###############################################################################
-#
-#  Dvash configures iptables and ip6tables for linux using the binaries
-#  according to the paths you configure here.
-#
-###############################################################################
-[iptables]
-ipv4 = /usr/sbin/iptables
-ipv6 = /usr/sbin/ip6tables
-###############################################################################
-#
-#  Dvash configures ipfw for mac using the binaries according to the paths
-#  you configure here.
-#
-###############################################################################
-[ipfw]
-ipfw = /sbin/ipfw
-ip6fw = /sbin/ip6fw