nexpose_pxgrid 0.1.4-java → 0.1.5-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 559f9d7dfc2d8ce64039b4106e985629950c6aa1
-  data.tar.gz: 617ec01f58471af86831030578d210383562183e
+  metadata.gz: b491e0306e3ef6a0a86c6c130aac80a8593ea78d
+  data.tar.gz: 15dead73f58934f3d38f117c959ed741017ac975
 SHA512:
-  metadata.gz: d9fed3967f1a6f21a8da545ccfc8b8c13e2aa5fc24f660bd56a81335f5028af997e6fe1a5783defd36cfd0b65e7505a01ad1c72f930984c65ff7c3c5947eaa93
-  data.tar.gz: fa64263ae1183e1433de07ef557436068d856c35857015f2e69fb398426280f18285ef664278a976408027ae094a9ca5000844b0290fa2d0a5418d2bf76962fa
+  metadata.gz: b93c8118dc23da7bb0b0ef382ffa419881bdbf314811ec046af45bd9693779eb7c4534adca13210b00e5ad5d4b3d438408e9854396b11130e3ca7abe44d4adfb
+  data.tar.gz: 1d1ea1ae083831bcabd3d3cc7a1a79473e5997c4ae7b82825bfb7e41d8cad2c381c7f91a4687b02d88b1270e9bb0137b50778ce038409d862fec4fe8c81ab28f

data/lib/pxnx_jruby/config/pxnx.config

@@ -23,6 +23,8 @@
   :riskscore: 20
   # (M) Time to wait before cancelling a scan and continuing.
   :scan_timeout: 3600
+  # (M) Nexpose scan template ID to be used while creating temporary Site for scanning.
+  :scan_template_id: full-audit
 # Cisco pxGrid options. Note all of these options can be set through environment variables of the same capitalised name e.g. ISE_URL instead of :ise_url
 :pxg_data:
   # Cisco Identity Services Engine hostname/ip.

data/lib/pxnx_jruby/connection_manager.rb

@@ -20,6 +20,11 @@ module PxnxJruby
 
     # TODO: This method ABC is too high (http://c2.com/cgi/wiki?AbcMetric)
     def setup(config_options = {})
+      # Fail early if scan template id is invalid
+      unless PxnxJruby::NexposeConnection.is_valid_scan_template(config_options)
+        @log.error("#{config_options[:nexpose_data][:scan_template_id]} is not a valid scan template ID -- aborting application.")
+        abort('Scan template ID not valid, please update pxnx.config with proper setting')
+      end
       # We can only have a certain number of connections to Nexpose. Generate a pool of connections for realtime or batched scans.
       @connection_pool = Executors.newFixedThreadPool(config_options[:nexpose_connection_max])
       # Schedule our "realtime" or batched tasks

data/lib/pxnx_jruby/nexpose_connection.rb

@@ -25,7 +25,7 @@ module PxnxJruby
     def call
         begin
           @ip = @ip_list.is_a?(Array) ? @ip_list : Array.new(1, @ip_list)
-          @site = Nexpose::Site.new("pxGrid-Nexpose-#{DateTime.now.strftime('%Y%jT%H%M%SZ')}", 'full-audit')
+          @site = Nexpose::Site.new("pxGrid-Nexpose-#{DateTime.now.strftime('%Y%jT%H%M%SZ')}", @options[:nexpose_data][:scan_template_id])
           @site.description = "Rapid7 Nexpose - Cisco pxGrid Integration scan job saved at #{DateTime.now.strftime('%Y%jT%H%M%SZ')}"
           @log.info("Scanning IPs <#{@ip.each{|ip| ip}}> on site <#{@site.name}>.")
           @ip.each { |ip| @site.add_ip(ip) }
@@ -37,7 +37,7 @@ module PxnxJruby
           # Add ', :verbose => true' to get more info.
           WaitUtil.wait_for_condition('waiting_for_scan_to_finish', :timeout_sec => @options[:nexpose_data][:scan_timeout], :delay_sec => 30) do
             @completed = true
-            if %w(unknown dispatched running).include? (@nsc.scan_status(@scan_info.id))
+            if %w(unknown dispatched running integrating).include? (@nsc.scan_status(@scan_info.id))
               @completed = false
               @log.debug("Scan still running for site <#{@site.name}>")
             end
@@ -45,10 +45,10 @@ module PxnxJruby
           end
           @log.info("Scan completed for site #{@site.name}>")
           devices = @nsc.devices(@site.id)
-          @devices_to_quarantine = devices.select { |d| d.risk_score >= @options[:nexpose_data][:riskscore]}
+          @devices_to_quarantine = devices.map { |d| d.address if d.risk_score >= @options[:nexpose_data][:riskscore]}
           Thread.new do
             eps_broker = PxnxJruby::EpsBroker.new(@options[:grid_connection].grid)
-            @log.info("Quarantining device <#{@devices_to_quarantine}> for site <#{@site.name}>.")
+            @log.info("Quarantining device(s) <#{@devices_to_quarantine}> for site <#{@site.name}>.")
             eps_broker.quarantine_ip(@devices_to_quarantine) unless @devices_to_quarantine.empty?
           end unless @options[:debug] == true
           @log.debug("Deleting temporary site <#{@site.name}>, logging out and exiting.")
@@ -58,5 +58,11 @@ module PxnxJruby
           @log.error("Exception while running a Nexpose connection thread! Message is <#{e.message}> and stacktrace is <#{e.backtrace.join("\n")}>.")
       end
     end
+
+    def self.is_valid_scan_template(options)
+      nsc = Nexpose::Connection.new(options[:nexpose_data][:nxconsole],options[:nexpose_data][:nxuser], ENV['NEXPOSE_PASSWORD'])
+      nsc.login
+      return nsc.list_scan_templates.select{|template_summary| template_summary.id.eql?(options[:nexpose_data][:scan_template_id])}.any?
+    end
    end
 end

data/lib/pxnx_jruby/version.rb

@@ -1,5 +1,5 @@
 module PxnxJruby
   PRODUCT = 'pxGrid'
   VENDOR = 'Cisco'
-  VERSION = "0.1.4"
+  VERSION = "0.1.5"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: nexpose_pxgrid
 version: !ruby/object:Gem::Version
-  version: 0.1.4
+  version: 0.1.5
 platform: java
 authors:
 - Damian Finol
@@ -10,7 +10,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2017-01-16 00:00:00.000000000 Z
+date: 2017-03-03 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: bundler
@@ -212,7 +212,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
       version: '0'
 requirements: []
 rubyforge_project: 
-rubygems_version: 2.5.1
+rubygems_version: 2.5.2
 signing_key: 
 specification_version: 4
 summary: Nexpose - pxGrid Node implementation.