opendns-dnsdb 0.1.0

data/spec/by_ip_spec.rb

@@ -0,0 +1,54 @@
+
+require 'spec_helper'
+
+describe "by_ip" do
+  subject do
+    OpenDNS::DNSDB::new(sslcert: CERT_FILE, sslcertpasswd: CERT_PASSWD)
+  end
+
+  it "returns names for a nameserver" do
+    s = subject.names_by_nameserver_ip('208.69.39.2')
+    expect(s).to be_a_kind_of(Enumerable)
+    expect(s).not_to be_empty
+  end
+
+  it "returns names for multiple nameservers" do
+    s = subject.names_by_nameserver_ip(['208.69.39.2', '208.69.39.3'])
+    expect(s).to be_a_kind_of(Hash)
+    expect(s).not_to be_empty
+    s.each do |t|
+      expect(t).to be_a_kind_of(Enumerable)
+      expect(t).not_to be_empty
+    end
+  end
+
+  it "returns distinct names for multiple nameservers" do
+    s = subject.distinct_names_by_nameserver_ip(['208.69.39.2', '208.69.39.3'])
+    expect(s).to be_a_kind_of(Enumerable)
+    expect(s).not_to be_empty
+    expect(s.uniq - s).to be_empty
+  end
+
+  it "returns names for an ip" do
+    s = subject.names_by_ip('192.30.252.131')
+    expect(s).to be_a_kind_of(Enumerable)
+    expect(s).not_to be_empty
+  end
+
+  it "returns names for multiple ips" do
+    s = subject.names_by_ip(['192.30.252.131', '208.69.39.3'])
+    expect(s).to be_a_kind_of(Hash)
+    expect(s).not_to be_empty
+    s.each do |t|
+      expect(t).to be_a_kind_of(Enumerable)
+      expect(t).not_to be_empty
+    end
+  end
+
+  it "returns distinct names for multiple ips" do
+    s = subject.distinct_names_by_ip(['208.69.39.2', '208.69.39.3'])
+    expect(s).to be_a_kind_of(Enumerable)
+    expect(s).not_to be_empty
+    expect(s.uniq - s).to be_empty
+  end
+end

data/spec/by_name_spec.rb

@@ -0,0 +1,88 @@
+
+require 'spec_helper'
+
+describe "by_name" do
+  subject do
+    OpenDNS::DNSDB::new(sslcert: CERT_FILE, sslcertpasswd: CERT_PASSWD)
+  end
+
+  it "returns nameservers ips for a name" do
+    s = subject.nameservers_ips_by_name('github.com')
+    expect(s).to be_a_kind_of(Enumerable)
+    expect(s).not_to be_empty
+  end
+
+  it "returns nameservers ips for multiple names" do
+    s = subject.nameservers_ips_by_name(['github.com', 'github.io'])
+    expect(s).to be_a_kind_of(Hash)
+    expect(s).not_to be_empty
+    s.each do |t|
+      expect(t).to be_a_kind_of(Enumerable)
+      expect(t).not_to be_empty
+    end
+  end
+
+  it "returns distinct nameservers ips for multiple names" do
+    s = subject.distinct_nameservers_ips_by_name(['github.com', 'github.io'])
+    expect(s).to be_a_kind_of(Enumerable)
+    expect(s).not_to be_empty
+    expect(s.uniq - s).to be_empty
+  end
+
+  it "returns ips for a name" do
+    s = subject.ips_by_name('github.com')
+    expect(s).to be_a_kind_of(Enumerable)
+    expect(s).not_to be_empty
+  end
+
+  it "returns ips for multiple names" do
+    s = subject.ips_by_name(['github.com', 'github.io'])
+    expect(s).to be_a_kind_of(Hash)
+    expect(s).not_to be_empty
+    s.each do |t|
+      expect(t).to be_a_kind_of(Enumerable)
+      expect(t).not_to be_empty
+    end
+  end
+
+  it "returns distinct ips for multiple names" do
+    s = subject.distinct_ips_by_name(['github.com', 'github.io'])
+    expect(s).to be_a_kind_of(Enumerable)
+    expect(s).not_to be_empty
+    expect(s.uniq - s).to be_empty
+  end
+
+  it "returns mxs for multiple names" do
+    s = subject.mxs_by_name(['github.com', 'github.io'])
+    expect(s).to be_a_kind_of(Hash)
+    expect(s).not_to be_empty
+    s.each do |t|
+      expect(t).to be_a_kind_of(Enumerable)
+      expect(t).not_to be_empty
+    end
+  end
+
+  it "returns distinct mxs for multiple names" do
+    s = subject.distinct_mxs_by_name(['github.com', 'github.io'])
+    expect(s).to be_a_kind_of(Enumerable)
+    expect(s).not_to be_empty
+    expect(s.uniq - s).to be_empty
+  end
+
+  it "returns cnames for multiple names" do
+    s = subject.cnames_by_name(['www.skyrock.com', 'apple.com'])
+    expect(s).to be_a_kind_of(Hash)
+    expect(s).not_to be_empty
+    s.each do |t|
+      expect(t).to be_a_kind_of(Enumerable)
+      expect(t).not_to be_empty
+    end
+  end
+
+  it "returns distinct cnames for multiple names" do
+    s = subject.distinct_cnames_by_name(['www.skyrock.com', 'apple.com'])
+    expect(s).to be_a_kind_of(Enumerable)
+    expect(s).not_to be_empty
+    expect(s.uniq - s).to be_empty
+  end
+end

data/spec/label_spec.rb

@@ -0,0 +1,88 @@
+
+require 'spec_helper'
+
+describe "label" do
+  subject do
+    OpenDNS::DNSDB::new(sslcert: CERT_FILE, sslcertpasswd: CERT_PASSWD)
+  end
+
+  it "returns the label for github.com" do
+    s = subject.labels_by_name('github.com')
+    expect(s).to eq(:benign)
+  end
+  
+  it "returns the labels for github.com and skyrock.com" do
+    s = subject.labels_by_name(['github.com', 'skyrock.com'])
+    expect(s).to be_a_kind_of(Hash)
+    expect(s).not_to be_empty
+    expect(s['github.com']).to eq(:benign)
+    expect(s['skyrock.com']).to eq(:benign)    
+  end
+  
+  it "returns distinct labels for a set of names" do
+    s = subject.distinct_labels_by_name(['github.com', 'skyrock.com'])
+    expect(s).to be_a_kind_of(Enumerable)
+    expect(s).to eq([:benign])
+  end
+  
+  it "returns whether a set of names contain suspicious ones" do
+    s = subject.include_suspicious?(['github.com', 'skyrock.com'])
+    expect(s).to be_false
+  end
+  
+  it "returns whether github.com is suspicious" do
+    s = subject.is_suspicious?('github.com')
+    expect(s).to be_false
+  end
+  
+  it "returns whether a set of names contain benign ones" do
+    s = subject.include_benign?(['github.com', 'skyrock.com'])
+    expect(s).to be_true
+  end
+  
+  it "returns whether github.com is benign" do
+    s = subject.is_benign?('github.com')
+    expect(s).to be_true
+  end  
+
+  it "returns whether example.com.x is unknown" do
+    s = subject.is_unknown?('example.com.x')
+    expect(s).to be_true
+  end  
+
+  it "returns the subset of names, flagged as suspicious" do
+    s = subject.suspicious_names(['excue.ru', 'github.com'])
+    expect(s).to include('excue.ru')
+    expect(s).not_to include('github.com')
+  end
+
+  it "returns the subset of names, not flagged as suspicious" do
+    s = subject.not_suspicious_names(['excue.ru', 'github.com'])
+    expect(s).not_to include('excue.ru')
+    expect(s).to include('github.com')
+  end
+
+  it "returns the subset of names, flagged as benign" do
+    s = subject.benign_names(['excue.ru', 'github.com'])
+    expect(s).not_to include('excue.ru')
+    expect(s).to include('github.com')
+  end
+
+  it "returns the subset of names, not flagged as benign" do
+    s = subject.not_benign_names(['excue.ru', 'github.com'])
+    expect(s).to include('excue.ru')
+    expect(s).not_to include('github.com')
+  end
+
+  it "returns the subset of names, flagged as unknown" do
+    s = subject.unknown_names(['excue.ru.z', 'github.com'])
+    expect(s).to include('excue.ru.z')
+    expect(s).not_to include('github.com')
+  end
+
+  it "returns the subset of names, not flagged as unknown" do
+    s = subject.not_unknown_names(['excue.ru', 'github.com'])
+    expect(s).not_to include('excue.ru.z')
+    expect(s).to include('github.com')
+  end
+end

data/spec/related_spec.rb

@@ -0,0 +1,92 @@
+
+require 'spec_helper'
+
+describe "related" do
+  subject do
+    OpenDNS::DNSDB::new(sslcert: CERT_FILE, sslcertpasswd: CERT_PASSWD)
+  end
+  
+  it "returns weighted related domains for www.github.com" do
+    s = subject.related_names_with_score('www.github.com')
+    expect(s).to be_a_kind_of(Hash)    
+    expect(s).not_to be_empty
+    expect(s.include?('www.github.com')).to be_false
+  end
+
+  it "returns weighted related domains for www.github.com and mozilla.org" do
+    s = subject.related_names_with_score(['www.github.com', 'mozilla.org'])
+    expect(s).to be_a_kind_of(Hash)
+    expect(s['www.github.com']).to be_a_kind_of(Hash)
+    expect(s['mozilla.org']).to be_a_kind_of(Hash)    
+    expect(s).not_to be_empty
+    expect(s['www.github.com'].include?('www.github.com')).to be_false
+    expect(s['mozilla.org'].include?('mozilla.org')).to be_false    
+  end
+
+  it "returns related domains for www.github.com" do
+    s = subject.related_names('www.github.com')
+    expect(s).to be_a_kind_of(Enumerable)
+    expect(s).not_to be_empty
+    expect(s.include?('www.github.com')).to be_false
+  end
+
+  it "returns related domains for www.github.com and mozilla.org" do
+    s = subject.related_names(['www.github.com', 'mozilla.org'])
+    expect(s).to be_a_kind_of(Hash)
+    expect(s).not_to be_empty
+    expect(s['www.github.com']).to be_a_kind_of(Enumerable)
+    expect(s['mozilla.org']).to be_a_kind_of(Enumerable)
+    expect(s['www.github.com'].include?('www.github.com')).to be_false
+    expect(s['mozilla.org'].include?('mozilla.org')).to be_false    
+  end
+  
+  it "returns related domains with a maximum number of names" do
+    s = subject.related_names(['www.github.com', 'mozilla.org'], max_names: 1)
+    expect(s).to be_a_kind_of(Hash)
+    expect(s).not_to be_empty
+    expect(s['www.github.com']).to be_a_kind_of(Enumerable)
+    expect(s['mozilla.org']).to be_a_kind_of(Enumerable)
+    expect(s['www.github.com'].size).to be 1
+    expect(s['mozilla.org'].size).to be 1
+  end
+  
+  it "returns distinct related names for www.github.com and mozilla.org" do
+    s = subject.distinct_related_names(['www.github.com', 'mozilla.org'])
+    expect(s).to be_a_kind_of(Enumerable)
+    expect(s).not_to be_empty
+  end
+
+  it "returns distinct related names with a maximum number of names" do
+    s = subject.distinct_related_names(['www.github.com', 'mozilla.org'],
+      max_names: 1)
+    expect(s).to be_a_kind_of(Enumerable)
+    expect(s).not_to be_empty
+    expect(s.size).to be 1
+  end
+
+  it "returns distinct related names, with a block" do
+    s = subject.distinct_related_names(['www.github.com',
+      'mozilla.org']) { |name| true }
+    expect(s).to be_a_kind_of(Enumerable)
+    expect(s).not_to be_empty
+
+    s = subject.distinct_related_names(['www.github.com',
+      'mozilla.org']) { |name| false }
+    expect(s).to be_a_kind_of(Enumerable)
+    expect(s).to be_empty
+  end
+  
+  it "returns the result of a deep traversal on www.github.com" do
+    s = subject.distinct_related_names('www.github.com',
+      max_depth: 2, max_names: 1000)
+    expect(s).to be_a_kind_of(Enumerable)
+    expect(s).not_to be_empty
+  end
+
+  it "returns the result of a deep traversal on www.github.com with a filter" do
+    s = subject.distinct_related_names('www.github.com',
+      max_depth: 2, max_names: 1000) { |name| false }
+    expect(s).to be_a_kind_of(Enumerable)
+    expect(s).to be_empty
+  end  
+end

data/spec/spec_helper.rb

@@ -0,0 +1,5 @@
+
+require 'opendns-dnsdb'
+
+CERT_FILE = '/tmp/client.p12'
+CERT_PASSWD = 'opendns'

data/spec/traffic_spec.rb

@@ -0,0 +1,36 @@
+
+require 'spec_helper'
+
+describe "traffic" do
+  subject do
+    OpenDNS::DNSDB::new(sslcert: CERT_FILE, sslcertpasswd: CERT_PASSWD)
+  end
+  
+  it "returns the daily traffic for the past 5 days" do
+    s = subject.daily_traffic_by_name('www.github.com', days_back: 5)
+    expect(s).to be_a_kind_of(Enumerable)
+    expect(s.size).to be 5
+    expect(s.first).to be > 0    
+  end
+
+  it "returns the daily traffic for the past 5 days for a vector" do
+    s = subject.daily_traffic_by_name(['www.github.com', 'github.com'], days_back: 5)
+    expect(s).to be_a_kind_of(Hash)
+    expect(s['www.github.com'].size).to be 5
+    expect(s['www.github.com'].first).to be > 0
+    expect(s['github.com'] == s['www.github.com'])
+  end
+  
+  it "returns the relative standard deviation for a name" do
+    s = subject.daily_traffic_by_name('www.github.com')
+    rsd = subject.relative_standard_deviation(s)
+    expect(rsd).to be_a_kind_of(Float)
+    expect(rsd).to be >= 0.0
+    expect(rsd).to be <= 100.0    
+  end
+  
+  it "returns a vector after a high pass filter" do
+    s = subject.high_pass_filter([1.0, 3.0, 5.0, 7.0, 9.0], cutoff: 5.0)
+    expect(s).to eq [0.0, 0.0, 5.0, 7.0, 9.0]
+  end
+end

metadata

@@ -0,0 +1,123 @@
+--- !ruby/object:Gem::Specification
+name: opendns-dnsdb
+version: !ruby/object:Gem::Version
+  version: 0.1.0
+platform: ruby
+authors:
+- Frank Denis
+autorequire: 
+bindir: bin
+cert_chain: []
+date: 2013-11-04 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '2.14'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '2.14'
+description: Client library for the OpenDNS Security Graph
+email:
+- frank@opendns.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- Gemfile
+- LICENSE
+- README.md
+- Rakefile
+- THANKS
+- docs/Makefile
+- docs/_themes/LICENSE
+- docs/_themes/README.rst
+- docs/_themes/flask_theme_support.py
+- docs/_themes/kr/layout.html
+- docs/_themes/kr/relations.html
+- docs/_themes/kr/static/flasky.css_t
+- docs/_themes/kr/static/small_flask.css
+- docs/_themes/kr/theme.conf
+- docs/_themes/kr_small/layout.html
+- docs/_themes/kr_small/static/flasky.css_t
+- docs/_themes/kr_small/theme.conf
+- docs/conf.py
+- docs/index.rst
+- docs/make.bat
+- docs/operations/by_ip.rst
+- docs/operations/by_name.rst
+- docs/operations/label.rst
+- docs/operations/related.rst
+- docs/operations/traffic.rst
+- lib/opendns-dnsdb.rb
+- lib/opendns-dnsdb/dnsdb.rb
+- lib/opendns-dnsdb/dnsdb/by_ip.rb
+- lib/opendns-dnsdb/dnsdb/by_name.rb
+- lib/opendns-dnsdb/dnsdb/label.rb
+- lib/opendns-dnsdb/dnsdb/related.rb
+- lib/opendns-dnsdb/dnsdb/response.rb
+- lib/opendns-dnsdb/dnsdb/rrutils.rb
+- lib/opendns-dnsdb/dnsdb/siphash.rb
+- lib/opendns-dnsdb/dnsdb/traffic.rb
+- lib/opendns-dnsdb/version.rb
+- opendns-dnsdb.gemspec
+- spec/by_ip_spec.rb
+- spec/by_name_spec.rb
+- spec/label_spec.rb
+- spec/related_spec.rb
+- spec/spec_helper.rb
+- spec/traffic_spec.rb
+homepage: https://github.com/jedisct1/opendns-dnsdb-ruby
+licenses: []
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.1.1
+signing_key: 
+specification_version: 4
+summary: Client library for the OpenDNS Security Graph
+test_files:
+- spec/by_ip_spec.rb
+- spec/by_name_spec.rb
+- spec/label_spec.rb
+- spec/related_spec.rb
+- spec/spec_helper.rb
+- spec/traffic_spec.rb
+has_rdoc: