nexpose_pxgrid 0.1.5-java → 0.1.6-java

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: b491e0306e3ef6a0a86c6c130aac80a8593ea78d
-  data.tar.gz: 15dead73f58934f3d38f117c959ed741017ac975
+  metadata.gz: 9f3dd786f91f67ebfedddc7e245d0dc91342a81f
+  data.tar.gz: 7e347687d3a930eb6ce1b6f8bcd0542cdb06b167
 SHA512:
-  metadata.gz: b93c8118dc23da7bb0b0ef382ffa419881bdbf314811ec046af45bd9693779eb7c4534adca13210b00e5ad5d4b3d438408e9854396b11130e3ca7abe44d4adfb
-  data.tar.gz: 1d1ea1ae083831bcabd3d3cc7a1a79473e5997c4ae7b82825bfb7e41d8cad2c381c7f91a4687b02d88b1270e9bb0137b50778ce038409d862fec4fe8c81ab28f
+  metadata.gz: 8dfe8962967e0b7fe97418862db36686ef384e18c946f235abe6118eb1502a5d958a370a9c0739837240723ce389bc6edbdfedbb43c2457d0ed378fff4a7c3dd
+  data.tar.gz: 32eeb3cb67ec67f6679f7b168bb1eaea355a88626ec586ad01ec63dabd97abed26d7520b823a1dd9f141a0a7402c145723985801fa8f46c0845824657f704def

data/README.md

@@ -2,7 +2,7 @@
 
 This is the official gem package for the Nexpose Cisco PxGrid Integration.
 
-For assistance with using the gem please email the Rapid7 integrations support team at integrations_support@rapid7.com.
+For assistance with using the gem please email the Rapid7 support team at support@rapid7.com.
 
 ## Installation
 
@@ -37,18 +37,48 @@ Also, the user must be part of the EPS group.
 
 ## Usage
 
-To use the PxGrid integration after installing the gem and configuring the Cisco ISE:
-* Edit the pxnx.config file under the gem config folder and add the necessary data.
-* Setup the necessary Environment variables, containing information on the ISE instance, listed in the documentation.
-* Run the pxnx.rb file under the bin folder. If installed with Gem the command `console> jruby pxnx.rb` should suffice.
+To use the PxGrid integration after installing the gem and configuring the Cisco ISE:  
+
+* Set up the KeyStore and TrustStore using certificates from the machine running the integration as well as the Cisco ISE installation.  
+Please request documentation for this integration from support if you require more information on how set up the certificate stores, or see the Cisco PxGrid documentation.
+* Edit the pxnx.config file under the gem config folder and add the necessary data.  
+* Set up the necessary Environment variables, containing information on the ISE instance, as listed in the documentation.  
+* Run the nexpose_pxgrid file from within the bin folder.  
+If the gem was installed via RubyGems, calling the command `jruby nexpose_pxgrid` should suffice.
+
+Note: The gem is usually installed under  
 
-Note: Gem is usually installed under
  * Windows: C:\Ruby\<version\>\lib\ruby\gems\version\gems
- * Linux: /var/lib/gems/\<version\>/gems/
+ * Linux: /var/lib/gems/\<version\>/gems/  
 Please refer to your particular Ruby documentation for actual installation folder.
 
 A logger is also implemented by default, and the log can be found under `/var/lib/logs/`; please refer to the log file in case of an error.
 
+### Encryption Settings
+
+The usernames and passwords within the configuration files are automatically encrypted when the integration runs. The key and IV files used during encryption/decryption are saved within the config folder by default.
+
+#### Setting Custom Locations for Encryption Files
+
+To set custom locations for the key and IV files, update the following values within the encryption.config file:
+
+ - key_filename - The absolute path to where the key file will be created.
+ - iv_file - The absolute path to where the IV file will be created.
+
+To set a custom path after the integration has already executed, the files must be moved to the new location manually.
+
+#### Encrypting the Configuration without running the Integration
+The Nexpose PxGrid integration can encrypt its configuration file without running the gem. This allows users to secure their login information for future use e.g for use in a cron-schedule. 
+ 
+The command to do so is:  
+```
+nexpose_pxgrid -e
+```  
+or  
+```
+nexpose_pxgrid --encrypt_config
+```
+
 ## Development
 
 After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake false` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
@@ -63,3 +93,16 @@ Bug reports and pull requests are welcome on GitHub at https://github.com/[USERN
 
 The gem is available as open source under the terms of the [MIT License](http://opensource.org/licenses/MIT).
 
+## Changelog
+
+### 0.1.6
+Implemented encryption for the configuration file, removing the storage of clear text passwords. Usernames and passwords within the configuration files are now encrypted when the application runs.  
+
+Command line options have been added to the gem. Several are common to all Nexpose gem integrations. Call the gem with '-h' or '--help' to view these options.
+
+### 0.1.5
+Added option to allow the port of the Nexpose Console to be chosen.
+Fixed an issue where devices were not correctly being quarantined.
+
+### 0.1.4
+Added option to allow the scan type to be chosen when assessing assets joining the network. (Zac Youtz)

data/bin/{pxnx.rb → nexpose_pxgrid}

@@ -1,22 +1,30 @@
 #!/usr/bin/env ruby
 require 'pxnx_jruby'
-require 'yaml'
-require 'pxnx_jruby/nx_logger'
+require 'pxnx_jruby/utilities/config_parser'
+require 'pxnx_jruby/utilities/nx_logger'
+require 'pxnx_jruby/utilities/gem_options'
 require 'pxnx_jruby/version'
 
 begin
-# Path to the pxnx Configuration file.
+  # Path to the pxnx Configuration file.
   PXNX_CONFIG_PATH = File.join(File.dirname(__FILE__),
                                '../lib/pxnx_jruby/config/pxnx.config')
+  config_path = File.expand_path(PXNX_CONFIG_PATH)
+
+  # Setup CLI Options
+  GemOptions.create_parser
+      .with_banner_and_options('nexpose_pxgrid')
+      .with_configuration_encryption([config_path])
+      .with_help_and_version('Nexpose Cisco PxGrid', PxnxJruby::VERSION)
+      .parse
+
   # Read in pxnx options from pxnx.config.
-  pxnx_options = begin
-    YAML.load_file(PXNX_CONFIG_PATH)
-  rescue ArgumentError => e
-    raise "Could not parse YAML #{PXNX_CONFIG_PATH} : #{e.message}"
-  end
+  pxnx_options = ConfigParser.get_config(config_path)
 
   log = PxnxJruby::NxLogger.instance
-  log.setup_statistics_collection(PxnxJruby::VENDOR, PxnxJruby::PRODUCT, PxnxJruby::VERSION)
+  log.setup_statistics_collection(PxnxJruby::VENDOR,
+                                  PxnxJruby::PRODUCT,
+                                  PxnxJruby::VERSION)
   log.setup_logging(pxnx_options[:logging_enabled], 
                     pxnx_options[:log_level] || 'info')
 
@@ -27,7 +35,8 @@ begin
   pxnx_options[:grid_connection] = connection
   PxnxJruby::ConnectionManager.instance.setup(pxnx_options)
   # Subscribes to SessionDirectoryNotification!
-  Java::com.cisco.pxgrid.stub.identity.SessionDirectoryFactory.registerNotification(connection.grid, handler)
+  Java::com.cisco.pxgrid.stub.identity
+      .SessionDirectoryFactory.registerNotification(connection.grid, handler)
   # TODO: Exception handling.
 rescue java.lang.IllegalStateException => e
   puts("Error when executing pxnx! The error was <#{e.message}> and backtrace was <#{e.backtrace.join("\n")}>.")

data/lib/pxnx_jruby/config/encryption.config

@@ -0,0 +1,20 @@
+#
+# Symmetric Encryption for Ruby
+#
+---
+production:
+  # Since the encryption key must NOT be stored along with the
+  # source code, only store the key encryption key here.
+  private_rsa_key:
+
+  # List Symmetric Key Ciphers in the order of current / newest first
+  ciphers:
+    -
+      # Name of the file containing the encrypted key and iv.
+      key_filename: <absolute/path/to/filename>.key
+      iv_filename: <absolute/path/to/filename>.iv
+
+      cipher: aes-256-cbc
+      encoding: base64strict
+      version: 1
+      always_add_header: true

data/lib/pxnx_jruby/config/pxnx.config

@@ -25,6 +25,8 @@
   :scan_timeout: 3600
   # (M) Nexpose scan template ID to be used while creating temporary Site for scanning.
   :scan_template_id: full-audit
+  # (M) The port Nexpose listens on. Default is 3780
+  :nexpose_port: 3780
 # Cisco pxGrid options. Note all of these options can be set through environment variables of the same capitalised name e.g. ISE_URL instead of :ise_url
 :pxg_data:
   # Cisco Identity Services Engine hostname/ip.
@@ -39,4 +41,7 @@
 #  :keystore_password: nxadmin
   # Truststore passphrase (Truststore located at pxnx/truststore.jks)
 #  :truststore_password: nxadmin
+:encryption_options:
+  # (M) Path to the encryption.config file. Generally should not be modified.
+  :directory: '../../config/encryption.config'
 

data/lib/pxnx_jruby/connection.rb

@@ -49,7 +49,7 @@ module PxnxJruby
     def get_option(option)
       value = ENV[option.to_s.upcase]
       value ||= (@options[:pxg_data] || {})[option] unless @options.nil?
-      @log.info('No configuration value found for #{option}') if value.nil?
+      @log.info("No configuration value found for #{option}") if value.nil?
       value
     end
 

data/lib/pxnx_jruby/nexpose_connection.rb

@@ -1,6 +1,6 @@
 module PxnxJruby
   class NexposeConnection
-    require_relative 'nx_logger'
+    require 'pxnx_jruby/utilities/nx_logger'
     require 'nexpose'
     require 'waitutil'
     require 'java'
@@ -13,10 +13,12 @@ module PxnxJruby
 
     def initialize(ips, options = {})
       @log = LoggerFactory.getLogger(NexposeConnection.become_java!)
-      @nsc = Nexpose::Connection.new(options[:nexpose_data][:nxconsole],options[:nexpose_data][:nxuser], ENV['NEXPOSE_PASSWORD'])
+      @nsc = Nexpose::Connection.new(options[:nexpose_data][:nxconsole],
+                                     options[:nexpose_data][:nxuser], 
+                                     ENV['NEXPOSE_PASSWORD'], 
+                                     options[:nexpose_data][:nexpose_port])
       @log.info("Connecting to nexpose console: #{options[:nexpose_data][:nxconsole]}.")
-      @nsc.login
-      PxnxJruby::NxLogger.instance.on_connect(options[:nexpose_data][:nxconsole], 3780, @nsc.session_id, "{}")
+      @nsc.login      
       @ip_list = ips
       @options = options
     end
@@ -60,9 +62,16 @@ module PxnxJruby
     end
 
     def self.is_valid_scan_template(options)
-      nsc = Nexpose::Connection.new(options[:nexpose_data][:nxconsole],options[:nexpose_data][:nxuser], ENV['NEXPOSE_PASSWORD'])
+      nsc = Nexpose::Connection.new(options[:nexpose_data][:nxconsole],
+                                    options[:nexpose_data][:nxuser], 
+                                    ENV['NEXPOSE_PASSWORD'], 
+                                    options[:nexpose_data][:nexpose_port])
       nsc.login
+      PxnxJruby::NxLogger.instance.on_connect(options[:nexpose_data][:nxconsole], 
+                                              options[:nexpose_data][:nexpose_port], 
+                                              nsc.session_id, 
+                                              "{}")
       return nsc.list_scan_templates.select{|template_summary| template_summary.id.eql?(options[:nexpose_data][:scan_template_id])}.any?
     end
    end
-end
+end

data/lib/pxnx_jruby/utilities/config_parser.rb

@@ -0,0 +1,141 @@
+require 'erb'
+require 'yaml'
+require 'fileutils'
+require 'symmetric-encryption'
+
+class ConfigParser
+  ENCRYPTED_FORMAT = '<%%= SymmetricEncryption.try_decrypt "%s" %%>'
+  PLACEHOLDER = '<absolute/path/to/filename>'
+  # The environment to use, defined within the encryption config
+  STANZA = 'production'
+  # The line width of the YAML file before line-wrapping occurs
+  WIDTH = 120
+
+  # Encrypts a configuration file and returns the unencrypted hash.
+  def self.get_config(config_path, enc_path=nil)
+    # Try to load a path from the provided config
+    custom_enc_path = get_enc_directory(config_path)
+    enc_path = custom_enc_path unless custom_enc_path.nil?
+
+    enc_path = File.expand_path(enc_path, __FILE__)
+    config_path = File.expand_path(config_path)
+
+
+    generate_keys(enc_path, config_path)
+    encrypt_config(enc_path, config_path)
+    decrypt_config(enc_path, config_path)
+  end
+
+  # Writes the YAML to file with custom formatting options
+  def self.save_config(config_details, config_path)
+    yaml = config_details.to_yaml(line_width: WIDTH)
+    File.open(config_path, 'w') {|f| f.write yaml }
+  end
+
+  def self.encrypt_field(value)
+    encrypted_value = SymmetricEncryption.encrypt value
+    ENCRYPTED_FORMAT % encrypted_value
+  end
+
+  # Retrieves the custom directory of the encryption config
+  def self.get_enc_directory(config_path)
+    settings = YAML.load_file(config_path)
+    return nil if settings[:encryption_options].nil?
+
+    enc_dir = settings[:encryption_options][:directory]
+    return nil if (enc_dir.nil? || enc_dir == '')
+
+    File.expand_path(enc_dir, __FILE__)
+  end
+
+  # Generates the RSA key, associated files and directories.
+  def self.generate_keys(enc_path, config_path)
+    settings = YAML.load_file(enc_path)
+    key = settings[STANZA]['private_rsa_key']
+
+    # Recognise an existing key
+    return unless (key.nil? || key == '')
+
+    # Generate a new RSA key and store the details
+    new_rsa_key = SymmetricEncryption::KeyEncryptionKey.generate
+    settings[STANZA]['private_rsa_key'] = new_rsa_key
+    save_config(settings, enc_path)
+
+    # Populate the placeholder values within the config
+    populate_ciphers(enc_path, config_path)
+
+    # Need to create a folder (specified by the user) to store the key files
+    dir = File.dirname(settings[STANZA]['ciphers'].first['key_filename'])
+
+    begin
+      unless File.directory?(dir) || PLACEHOLDER.include?(dir)
+        puts "Creating folder: #{dir}"
+        FileUtils::mkdir_p dir
+      end
+    rescue Exception => e
+      msg = "Unable to create the folders used to store encryption details.\n"\
+            'Please ensure the user has permissions to create folders in the ' \
+            "path specified in the  encryption config: #{enc_path}\n"
+      handle_error(msg, e)
+    end
+
+    SymmetricEncryption.generate_symmetric_key_files(enc_path, STANZA)
+  end
+
+  # Replace placeholder values for the key and iv file paths,
+  # placing them in the config folder by default.
+  def self.populate_ciphers(enc_path, config_path)
+    settings = YAML.load_file(enc_path)
+    ciphers = settings[STANZA]['ciphers'].first
+    config_folder = File.dirname(config_path)
+    config_name = File.basename(config_path, File.extname(config_path))
+
+    %w(key iv).each do |file|
+      label = "#{file}_filename"
+      file_path = ciphers[label]
+      next unless file_path.include? PLACEHOLDER
+
+      filename = ".#{config_name}.#{file}"
+      ciphers[label] = File.join(config_folder, filename)
+    end
+
+    save_config(settings, enc_path)
+  end
+
+  def self.encrypt_config(enc_path, config_path)
+    SymmetricEncryption.load!(enc_path, STANZA)
+
+    # Read the config in as an array of strings
+    f = File.open(config_path)
+    config_lines = f.readlines
+    f.close
+
+    # Define the regex that can find relevant fields
+    regex = /^(?<label>\s*:?\w*(passw|pwd|user|usr)\w*:?\s)(?<value>.*)$/
+
+    # Line by line, write the line to file, encrypting sensitive fields
+    File.open(config_path, 'w+') do |f|
+      config_lines.each do |l|
+        matches = l.match(regex)
+
+        # Encrypt fields with username/password labels that are in plaintext
+        unless matches.nil? || matches['value'].include?('SymmetricEncryption')
+          l = "#{matches['label']}#{encrypt_field(matches['value'])}"
+        end
+
+        f.puts l
+      end
+    end
+  end
+
+  # Returns a hash containing the decrypted details from a config file.
+  def self.decrypt_config(enc_path, config_path)
+    SymmetricEncryption.load!(enc_path, STANZA)
+    return YAML.load(ERB.new(File.new(config_path).read).result)
+  end
+
+  def self.handle_error(message, error)
+    puts message
+    raise error
+  end
+end

data/lib/pxnx_jruby/utilities/gem_options.rb

@@ -0,0 +1,91 @@
+require 'optparse'
+
+class GemOptions
+
+  @parser
+
+  def self.create_parser
+    @parser = OptionParser.new
+    self
+  end
+
+  # How the gem is used e.g 'nexpose ticketing jira [options]'
+  def self.with_banner(gem_usage_string)
+    @parser.banner = "Usage: #{gem_usage_string} [options]"
+    @parser.separator ''
+    self
+  end
+
+  # Header for options list
+  def self.with_options
+    @parser.separator 'Options:'
+    self
+  end
+
+  # Creates banner and options
+  def self.with_banner_and_options(gem_usage_string)
+    with_banner(gem_usage_string)
+    with_options
+    self
+  end
+
+  # For setting encryption switch. Can be set to work with two configurations
+  # Config_paths is an array
+  def self.with_configuration_encryption(config_paths, enc_path = nil)
+    @parser.on('-e',
+            '--encrypt_config',
+            'Encrypt the configuration file(s) without running the gem') do |e|
+      ConfigParser.get_config(config_paths.first, enc_path) unless enc_path.nil?
+      ConfigParser.get_config(config_paths.last)
+      puts "\nConfiguration File(s) Encrypted"
+      exit
+    end
+    self
+  end
+
+  def self.with_help
+    @parser.on_tail('-h', '--help', 'Show this message') do |h|
+      puts @parser
+      exit
+    end
+    self
+  end
+
+  def self.with_version(gem, version)
+    @parser.on_tail('--version', 'Version Information') do |v|
+      puts "#{gem} #{version}"
+      exit
+    end
+    self
+  end
+
+  def self.with_help_and_version(gem, version)
+    with_help
+    with_version(gem, version)
+    self
+  end
+
+  # Method to allow integrations to create own options, with both short and long
+  # switches and description.
+  # Handler is the block to run when option is called.
+  def self.with_other_option(short_switch, long_switch, description, &handler)
+    @parser.on("-#{short_switch}", "--#{long_switch}", description) do |opt|
+      handler.call
+    end
+  end
+
+  # Method to allow integrations to create own options, with only one size of
+  # switch and description.
+  # '-' for short switches and '--' for long switches is required.
+  # Handler is the block to run when option is called.
+  def self.with_single_switch_option(identifier, switch, description, &handler)
+    @parser.on("#{identifier}#{switch}", description) do |opt|
+      handler.call
+    end
+  end
+
+  # Parses the options to make them available
+  def self.parse
+    @parser.parse!
+  end
+end

data/lib/pxnx_jruby/version.rb

@@ -1,5 +1,5 @@
 module PxnxJruby
   PRODUCT = 'pxGrid'
   VENDOR = 'Cisco'
-  VERSION = "0.1.5"
+  VERSION = "0.1.6"
 end

metadata

@@ -1,47 +1,46 @@
 --- !ruby/object:Gem::Specification
 name: nexpose_pxgrid
 version: !ruby/object:Gem::Version
-  version: 0.1.5
+  version: 0.1.6
 platform: java
 authors:
 - Damian Finol
 - JJ Cassidy
 - Gary Robinson
-autorequire: 
+autorequire:
 bindir: bin
 cert_chain: []
-date: 2017-03-03 00:00:00.000000000 Z
+date: 2017-06-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
-  name: bundler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.10'
-  type: :development
+  name: bundler
   prerelease: false
+  type: :development
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '1.10'
 - !ruby/object:Gem::Dependency
-  name: rake
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '10.0'
-  type: :development
+  name: rake
   prerelease: false
+  type: :development
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '10.0'
 - !ruby/object:Gem::Dependency
-  name: rspec
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
@@ -50,8 +49,9 @@ dependencies:
     - - ">="
       - !ruby/object:Gem::Version
         version: 3.2.0
-  type: :development
+  name: rspec
   prerelease: false
+  type: :development
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
@@ -61,79 +61,95 @@ dependencies:
       - !ruby/object:Gem::Version
         version: 3.2.0
 - !ruby/object:Gem::Dependency
-  name: nexpose
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 0.9.0
-  type: :runtime
+  name: nexpose
   prerelease: false
+  type: :runtime
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
         version: 0.9.0
 - !ruby/object:Gem::Dependency
-  name: rufus-scheduler
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.1'
-  type: :runtime
+  name: rufus-scheduler
   prerelease: false
+  type: :runtime
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '3.1'
 - !ruby/object:Gem::Dependency
-  name: thread_safe
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0.3'
-  type: :runtime
+  name: thread_safe
   prerelease: false
+  type: :runtime
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0.3'
 - !ruby/object:Gem::Dependency
-  name: waitutil
   requirement: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0.2'
-  type: :runtime
+  name: waitutil
   prerelease: false
+  type: :runtime
   version_requirements: !ruby/object:Gem::Requirement
     requirements:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '0.2'
-description: This JRuby Gem allows Nexpose to scan IPs detected by Cisco pxGrid and
-  apply quarantines.
+- !ruby/object:Gem::Dependency
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.9'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.9.0
+  name: symmetric-encryption
+  prerelease: false
+  type: :runtime
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.9'
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: 3.9.0
+description: This JRuby Gem allows Nexpose to scan IPs detected by Cisco pxGrid and apply quarantines.
 email:
 - integrations@rapid7.com
 executables: []
 extensions: []
 extra_rdoc_files: []
 files:
-- ".gitignore"
-- ".travis.yml"
 - Gemfile
 - LICENCE.APACHE
 - LICENSE.MIT
 - README.md
 - RadiusSimulator.jar
-- Rakefile
 - bin/logback.xml
-- bin/pxnx.rb
+- bin/nexpose_pxgrid
 - bin/pxnx_daemon.rb
 - keystore.jks
 - lib/java_libs/FastInfoset-1.2.12.jar
@@ -178,25 +194,27 @@ files:
 - lib/java_libs/wsdl4j-1.6.2.jar
 - lib/java_libs/xmlschema-core-2.0.3.jar
 - lib/pxnx_jruby.rb
+- lib/pxnx_jruby/config/encryption.config
 - lib/pxnx_jruby/config/pxnx.config
 - lib/pxnx_jruby/connection.rb
 - lib/pxnx_jruby/connection_manager.rb
 - lib/pxnx_jruby/eps_broker.rb
 - lib/pxnx_jruby/nexpose_connection.rb
-- lib/pxnx_jruby/nx_logger.rb
 - lib/pxnx_jruby/session_directory_notification.rb
 - lib/pxnx_jruby/spoon/README
 - lib/pxnx_jruby/spoon/pxnx_daemon_unix.rb
 - lib/pxnx_jruby/spoon/pxnx_daemon_windows.rb
 - lib/pxnx_jruby/spoon/pxnx_runner.rb
+- lib/pxnx_jruby/utilities/config_parser.rb
+- lib/pxnx_jruby/utilities/gem_options.rb
+- lib/pxnx_jruby/utilities/nx_logger.rb
 - lib/pxnx_jruby/version.rb
-- pxnx.gemspec
 - truststore.jks
 homepage: http://www.rapid7.com
 licenses:
 - MIT
 metadata: {}
-post_install_message: 
+post_install_message:
 rdoc_options: []
 require_paths:
 - lib
@@ -211,9 +229,9 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.5.2
-signing_key: 
+rubyforge_project:
+rubygems_version: 2.4.8
+signing_key:
 specification_version: 4
 summary: Nexpose - pxGrid Node implementation.
 test_files: []

data/.gitignore

@@ -1,12 +0,0 @@
-/.bundle/
-/.yardoc
-/Gemfile.lock
-/_yardoc/
-/coverage/
-/doc/
-/pkg/
-/spec/reports/
-/tmp/
-.idea/*
-*DS_Store*
-*.log

data/.travis.yml

@@ -1,4 +0,0 @@
-language: ruby
-rvm:
-  - 1.9.3
-before_install: gem install bundler -v 1.10.2

data/Rakefile

@@ -1,31 +0,0 @@
-#require "bundler/gem_tasks"
-require 'rake'
-require 'ipaddr'
-require 'bundler'
-require 'pxnx_jruby'
-
-namespace :pxnx do
-  task :default => :simulate
-  # TODO. (!) Read the parameters from arg/config/env/etc.
-  desc 'Authenticate and connect through Radius'
-  task :simulate, [:ip] => [:authenticate, :connect] do |t, args|
-    puts 'Sent Radius packets. Check log file.'
-  end
-
-  desc 'Authenticate to Radius'
-  task :authenticate, :ip do |t, args|
-    args.with_defaults(ip: PxnxJruby.random_ip)
-    @ip = args[:ip]
-    sh "java -cp #{File.expand_path File.dirname(__FILE__)}/RadiusSimulator.jar -DUSERNAME=dfinol -DPASSWORD=Nexpose4lyfe -DCALLING_STATION_ID=11:22:33:44:55:66 -DAUDIT_SESSION_ID=1001 -DFRAMED_IP_ADDRESS=#{@ip} -DRADIUS_SECRET=nxadmin -DFRAMED_IP_MASK=255.255.255.255 RadiusAuthentication 10.4.91.100"
-  end
-
-  desc 'Start accounting'
-  task :connect, :ip  do |t, args|
-    sh "java -cp #{File.expand_path File.dirname(__FILE__)}/RadiusSimulator.jar -DUSERNAME=dfinol -DPASSWORD=Nexpose4lyfe -DCALLING_STATION_ID=11:22:33:44:55:66 -DAUDIT_SESSION_ID=1001 -DFRAMED_IP_ADDRESS=#{@ip} -DRADIUS_SECRET=nxadmin -DFRAMED_IP_MASK=255.255.255.255 RadiusAccountingStart 10.4.91.100"
-  end
-
-  desc 'Stop accounting'
-  task :stop, :ip  do |t, args|
-    sh "java -cp #{File.expand_path File.dirname(__FILE__)}/RadiusSimulator.jar -DUSERNAME=dfinol -DPASSWORD=Nexpose4lyfe -DCALLING_STATION_ID=11:22:33:44:55:66 -DAUDIT_SESSION_ID=1001 -DFRAMED_IP_ADDRESS=#{@ip} -DRADIUS_SECRET=nxadmin -DFRAMED_IP_MASK=255.255.255.255 RadiusAccountingStop 10.4.91.100"
-  end
-end

data/pxnx.gemspec

@@ -1,28 +0,0 @@
-# coding: utf-8
-lib = File.expand_path('../lib', __FILE__)
-$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
-require 'pxnx_jruby/version'
-
-Gem::Specification.new do |spec|
-  spec.name          = 'nexpose_pxgrid'
-  spec.version       = PxnxJruby::VERSION
-  spec.authors       = ['Damian Finol', 'JJ Cassidy', 'Gary Robinson']
-  spec.email         = ['integrations@rapid7.com']
-  spec.summary       = %q{Nexpose - pxGrid Node implementation.}
-  spec.description   = %q{This JRuby Gem allows Nexpose to scan IPs detected by Cisco pxGrid and apply quarantines.}
-  spec.homepage      = 'http://www.rapid7.com'
-  spec.license       = 'MIT'
-  spec.files         = `git ls-files -z`.split("\x0").reject { |f| f.match(%r{^(test|spec|features|logs|releases)/}) }
-  spec.bindir        = 'bin'
-  spec.platform      = 'java'
-  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
-  spec.require_paths = ['lib']
-  spec.add_development_dependency 'bundler', '~> 1.10'
-  spec.add_development_dependency 'rake', '~> 10.0'
-  spec.add_development_dependency 'rspec', '~> 3.2', '>= 3.2.0' 
-# Can't use >= 1.0  because JRuby is not compatible with Ruby >= 2.
-  spec.add_runtime_dependency 'nexpose', '~>0.9.0'
-  spec.add_runtime_dependency 'rufus-scheduler', '~>3.1'
-  spec.add_runtime_dependency 'thread_safe', '~>0.3'
-  spec.add_runtime_dependency 'waitutil', '~>0.2'
-end