intrusion 0.1.3 → 0.1.8

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 5f7c0b79c12c817d564e55ecba6f86540a09bb083ac97b5ad7b8e3a31c07fa53
+  data.tar.gz: 876156a63816e18184eb72af76f3634e80a15542d6d66e39d26fdaf2176b2860
+SHA512:
+  metadata.gz: 702186b662da7e7db61cfc65264f3fab1e833d32743add8afe39675a567b58a0c4afd85c7ad0d91f3a1eae35b371e7160f4a315bbbd1140591f168e03537fd19
+  data.tar.gz: 13adcc68d21d57813d5d2771239d03b61fcedf31c434a91e378de2253972ef66377d1166f55e81f788cca779622edd58c8a64f3e44a0568780665d48066e1f42

data/lib/intrusion.rb

@@ -1,59 +1,54 @@
-module Intrusion
-  
-    # check if ip is blocked
-    def ids_is_blocked?(ip)
-      ids_load.each { |d| return true if d[:ip] == ip and d[:counter] > 9 }
-      return false
-    end
-    
-    # report suspicious activity
-    def ids_report!(ip, block=false)
-      dt = ids_load
-	
-      found = nil
-      dt.each { |d| found = d if d[:ip] == ip }
-	
-      if found
-	if block
-          found[:counter] = 10
-        else
-          found[:counter] += 1
-        end
-      else
-	new = { :ip => ip, :counter => 1 }
-	dt << new
-      end
-	
-      # update
-      self.ids = dt.to_yaml
-      return self.save
-    end
-
-    # reset counter and stay
-    def ids_unblock!(ip)
-      dt = ids_load
-      found = false
-      dt.each { |d| 
-	if d[:ip] == ip
-	  d[:counter] = 0
-	  found = true
-	end
-       }
-
-       if found
-         # update
-	 self.ids = dt.to_yaml
-	 return self.save
-       end
-      return false
-    end
-
-    # convert yaml string helper
-    def ids_load
-      dt = []      
-      dt = YAML::load(ids) if ids
-      return dt
-    end
-
-  
-end
+# Intrusion main module
+module Intrusion
+  # check if ip is blocked
+  def ids_is_blocked?(address)
+    ids_load.each do |d|
+      return true if d[:ip] == address && d[:counter] > 9
+    end
+    false
+  end
+
+  # return block counter of address
+  def ids_counter(address)
+    ids_load.each { |d| return d[:counter] if d[:ip] == address }
+    0
+  end
+
+  # report suspicious activity
+  def ids_report!(address, block = false)
+    dt = ids_load
+    found = nil
+    dt.each { |d| found = d if d[:ip] == address }
+    if found
+      block ? found[:counter] = 10 : found[:counter] += 1
+    else
+      dt << { ip: address, counter: block ? 10 : 1 }
+    end
+
+    # update record
+    update(ids: dt.to_yaml)
+  end
+
+  # reset counter and stay
+  def ids_unblock!(address)
+    dt = ids_load
+    found = false
+    dt.each { |d| found = d if d[:ip] == address }
+
+    if found
+      dt.delete(found)
+      # update
+      return update(ids: dt.to_yaml)
+    end
+    false
+  end
+
+  # convert yaml string helper
+  def ids_load
+    data = ids.blank? ? [] : YAML.safe_load(ids, [Symbol])
+    raise 'invalid data in ids field' unless data.is_a?(Array)
+    data
+  rescue RuntimeError
+    []
+  end
+end

metadata

@@ -1,95 +1,43 @@
---- !ruby/object:Gem::Specification 
+--- !ruby/object:Gem::Specification
 name: intrusion
-version: !ruby/object:Gem::Version 
-  prerelease: false
-  segments: 
-  - 0
-  - 1
-  - 3
-  version: 0.1.3
+version: !ruby/object:Gem::Version
+  version: 0.1.8
 platform: ruby
-authors: 
-- Simon Wepfer
-autorequire: 
+authors:
+- Simon Duncombe
+autorequire:
 bindir: bin
-cert_chain: 
-- |
-  -----BEGIN CERTIFICATE-----
-  MIIDKjCCAhKgAwIBAgIBADANBgkqhkiG9w0BAQUFADA7MQswCQYDVQQDDAJzdzEY
-  MBYGCgmSJomT8ixkARkWCG5ldHNlbnNlMRIwEAYKCZImiZPyLGQBGRYCY2gwHhcN
-  MTAxMjMwMDEzMjIzWhcNMTExMjMwMDEzMjIzWjA7MQswCQYDVQQDDAJzdzEYMBYG
-  CgmSJomT8ixkARkWCG5ldHNlbnNlMRIwEAYKCZImiZPyLGQBGRYCY2gwggEiMA0G
-  CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDQcaHghb4NyoI5/ktDVocH6/T6vIhB
-  rpxGCid4Ufk0nNJp2EQxzzJD2wpv+hmfndtH1yfA89RqIIBdHXhu/pY3Rs+7Rbuh
-  KAhMF3Bt0MvYa2cCMOV0WQaS1TF+xu1Ko5JGNIP2YHpcusXdjUflYn/enb1xiyJ0
-  tGe7au6H+gl55k+sy55KpSqije1sCRGsq001HEOgHMk99FWPglma1LSlHzHunCvr
-  E0yjmEYQnA0Bz1fK23IPXpg1/JDCicz1JlOx1LQ6EXp/DsJhYvrltqMs0d8pThLz
-  TK8zp88ciB3Je7ZV9gzCSRZn6eg7YAq3L6OGyCjXVDPeGutZ5A0+uNe5AgMBAAGj
-  OTA3MAkGA1UdEwQCMAAwHQYDVR0OBBYEFNPOntwPYyIrXaEbpJDbJT3Td9ABMAsG
-  A1UdDwQEAwIEsDANBgkqhkiG9w0BAQUFAAOCAQEAyKFvBXfbt8Rn/NjT5tObn9gF
-  XE6YMpQvKFqgtjJsuWyldjpjnbg86YsEnOEW2AtRKjQJvTtuyBvf+jiGpj4TFv2u
-  Z8lCtkHH7lOlotiqnrBpDn+4OGwHmRupmNbvs5JyWyCohFVEbTBcWuvVW+P7OM9E
-  eaEOpD9PVJds+gguxxsdaAHafRvcOdVqQ9qpeTrofTwCttMEe6XvBF+HSTZ3IrXK
-  ljm7jluHlbP28ywmLBUdz8bNLkoLrD77bYW5c8TqqhtgoaBXtG73y8V6WogvVV45
-  jCYr7DaTo4rUhQrgDmq/JUQYZmAaf73WG6iwQ2Nr68hWCjVTj/wvKLKurgjqkQ==
-  -----END CERTIFICATE-----
-
-date: 2010-12-30 00:00:00 +01:00
-default_executable: 
+cert_chain: []
+date: 2020-10-08 00:00:00.000000000 Z
 dependencies: []
-
-description: intrusion detection and prevention for rails apps
-email: sw@netsense.ch
+description: Intrusion is a gem helping you to block objects for IP addresses within
+  your Ruby on Rails Application.
+email: sd@netsense.ch
 executables: []
-
 extensions: []
-
-extra_rdoc_files: 
-- README.rdoc
+extra_rdoc_files: []
+files:
 - lib/intrusion.rb
-files: 
-- Manifest
-- README.rdoc
-- Rakefile
-- lib/intrusion.rb
-- intrusion.gemspec
-has_rdoc: true
-homepage: http://spectify.com
+homepage: http://github.com/symontech/intrusion
 licenses: []
-
-post_install_message: 
-rdoc_options: 
-- --line-numbers
-- --inline-source
-- --title
-- Intrusion
-- --main
-- README.rdoc
-require_paths: 
+metadata: {}
+post_install_message:
+rdoc_options: []
+require_paths:
 - lib
-required_ruby_version: !ruby/object:Gem::Requirement 
-  none: false
-  requirements: 
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
   - - ">="
-    - !ruby/object:Gem::Version 
-      segments: 
-      - 0
-      version: "0"
-required_rubygems_version: !ruby/object:Gem::Requirement 
-  none: false
-  requirements: 
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
   - - ">="
-    - !ruby/object:Gem::Version 
-      segments: 
-      - 1
-      - 2
-      version: "1.2"
+    - !ruby/object:Gem::Version
+      version: '0'
 requirements: []
-
-rubyforge_project: intrusion
-rubygems_version: 1.3.7
-signing_key: 
-specification_version: 3
-summary: intrusion detection and prevention for rails apps
+rubygems_version: 3.0.8
+signing_key:
+specification_version: 4
+summary: intrusion detection and prevention for rails applications
 test_files: []
-

data/Manifest

@@ -1,4 +0,0 @@
-Manifest
-README.rdoc
-Rakefile
-lib/intrusion.rb

data/README.rdoc

@@ -1,55 +0,0 @@
-= Intrusion
-
-Intrusion is a gem helping you to detect and prevent intrusion attempts within your ruby on rails application.
-
-== Installation
-Install the gem:
-  gem install intrusion
-
-Rails 3: include intrusion in your Gemfile
-  gem 'intrusion'
-
-Rails 2: include the gem in config/environment.rb
-  config.gem "intrusion" 
-  
-create a 'ids' attribute for the ActiveRecord model you want to protect and migrate, e.g:
-
-  # rails generate migration add_ids_to_accounts ids:string
-  # rake db:migrate
-
-include Intrusion in your model:
-
-  class Account < ActiveRecord::Base
-    include Intrusion
-  end
-
-== Examples:
-
-=== Check if IP adress is blocked
-  return "your ip is blocked" if Account.find(1).ids_is_blocked?(request.remote_addr)
-
-
-=== Report suspicious activity
-The internal counter will be increased. If you do this 10 times, blocking will be enabled
-
-  Account.find(1).ids_report!(request.remote_addr)
-
-=== Instantly block ip
-  Account.find(1).ids_report!(request.remote_addr, true)
-
-=== Reset
-This resets the counter to 0:
-  Account.find(1).ids_unblock!(request.remote_addr)
-
-
-=== Blocking objects with keywords
-You are not limited to IP adresses. You may block the object itself using any keyword:
-  Account.find(1).ids_report!('self')
-
-
-== Hint
-Try http://spectify.com to scan your servers and applications for vulnerabilities - for free!
-
-== Copyright
-
-(c) 2010 -2011 netsense LLC - managed security audits - http://netsense.ch

data/Rakefile

@@ -1,14 +0,0 @@
-require 'rubygems'  
-require 'rake'  
-require 'echoe'  
-  
-Echoe.new('intrusion', '0.1.3') do |p|  
-  p.description     = "intrusion detection and prevention for rails apps"
-  p.url             = "http://spectify.com"  
-  p.author          = "Simon Wepfer"  
-  p.email           = "sw@netsense.ch"  
-  p.ignore_pattern  = ["tmp/*", "script/*"]  
-  p.development_dependencies = []  
-end  
-  
-Dir["#{File.dirname(__FILE__)}/tasks/*.rake"].sort.each { |ext| load ext } 

data/intrusion.gemspec

@@ -1,32 +0,0 @@
-# -*- encoding: utf-8 -*-
-
-Gem::Specification.new do |s|
-  s.name = %q{intrusion}
-  s.version = "0.1.3"
-
-  s.required_rubygems_version = Gem::Requirement.new(">= 1.2") if s.respond_to? :required_rubygems_version=
-  s.authors = ["Simon Wepfer"]
-  s.cert_chain = ["/home/sw/gem-public_cert.pem"]
-  s.date = %q{2010-12-30}
-  s.description = %q{intrusion detection and prevention for rails apps}
-  s.email = %q{sw@netsense.ch}
-  s.extra_rdoc_files = ["README.rdoc", "lib/intrusion.rb"]
-  s.files = ["Manifest", "README.rdoc", "Rakefile", "lib/intrusion.rb", "intrusion.gemspec"]
-  s.homepage = %q{http://spectify.com}
-  s.rdoc_options = ["--line-numbers", "--inline-source", "--title", "Intrusion", "--main", "README.rdoc"]
-  s.require_paths = ["lib"]
-  s.rubyforge_project = %q{intrusion}
-  s.rubygems_version = %q{1.3.7}
-  s.signing_key = %q{/home/sw/gem-private_key.pem}
-  s.summary = %q{intrusion detection and prevention for rails apps}
-
-  if s.respond_to? :specification_version then
-    current_version = Gem::Specification::CURRENT_SPECIFICATION_VERSION
-    s.specification_version = 3
-
-    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
-    else
-    end
-  else
-  end
-end