Navigation

← Previous Changeset
Next Changeset →

Changeset 1203

Timestamp:

02/15/08 20:07:42 (6 months ago)

Author:

kindlund

Message:

Housekeeping, improved database integration.

Files:

honeyclient/trunk/etc/honeyclient.xml (modified) (3 diffs)
honeyclient/trunk/lib/HoneyClient/DB (deleted)
honeyclient/trunk/lib/HoneyClient/DB.pm (deleted)
honeyclient/trunk/lib/HoneyClient/Manager.pm (modified) (17 diffs)
honeyclient/trunk/lib/HoneyClient/Manager/Database.pm (modified) (1 diff)

Legend:

: Unmodified
: Added
: Removed
: Modified
: Copied
: Moved

honeyclient/trunk/etc/honeyclient.xml

r1196	r1203
329	329	</Integrity>
330	330	</Agent>
331		~~<!-- HoneyClient::DB Options -->~~
332		~~<DB>~~
333		~~<enable description="Enables database operations. 1 enables, 0 disables." default="0">~~
334		1
335		~~</enable>~~
336		~~<host description="The system providing the HoneyClient database. If the database is installed on the same host system as the Manager, then localhost should be used." default="127.0.0.1">~~
337		~~172.16.164.1~~
338		~~</host>~~
339		~~<dbname description="The name of the HoneyClient database." default="HoneyClient_v2">~~
340		~~HoneyClient_v2_dev~~
341		~~</dbname>~~
342		~~<user description="The username to use, when connecting to the HoneyClient database.">~~
343		~~hc_user~~
344		~~</user>~~
345		~~<pass description="The password to use, when connecting to the HoneyClient database.">~~
346		~~hc_pass~~
347		~~</pass>~~
348		~~<port description="The default TCP port number used to communicate with the database." default="3306">~~
349		~~3306~~
350		~~</port>~~
351		~~</DB>~~
352	331	<Manager>
353	332	<!-- TODO: Update this. -->
…	…
367	346	8089
368	347	</port>
369		~~<vmnet_nat_router_address description="The IP address assigned to the VMware NAT interface (usually called vmnet8)." default="192.168.0.1">~~
370		~~192.168.0.1~~
371		~~</vmnet_nat_router_address>~~
372		~~<!-- TODO: Update this. -->~~
373		~~<conffile description="Logging options that can be applied to specify the layout of the logging messages.">~~
374		~~etc/honeyclient_log.conf~~
375		~~</conffile>~~
376	348	<max_agent_error_count description="When the Agent is running, this value is the maximum number of SOAP communication errors the Manager will ignore (e.g., timeouts) before the Manager suspends the corresponding VM and clones a new Agent. These errors mainly occur when the Manager loses connectivity to the Agent for some reason (i.e., software/OS crashing inside the VM). Otherwise, the Manager would loop forever trying to reconnect with the faulty VM. This value should never be set to 0 and should always be positive." default="3">
377	349	3
…	…
379	351	<!-- HoneyClient::Manager::Database Options -->
380	352	<Database>
381		<!-- TODO: Update this. -->
382		<web_service_url>
	353	<enable description="Enables database operations. 1 enables, 0 disables." default="0">
	354	1
	355	</enable>
	356	<!-- TODO: Update this. -->
	357	<url description="The URL of the local Ruby web service, which interfaces with the local HoneyClient database.">
383	358	http://172.16.164.103:3000/hc_database/api
384		</~~web_service_~~url>
	359	</url>
385	360	</Database>
386	361	<!-- HoneyClient::Manager::FW Options -->
387	362	<FW>
	363	<vmnet_nat_router_address description="The IP address assigned to the VMware NAT interface (usually called vmnet8)." default="192.168.0.1">
	364	192.168.0.1
	365	</vmnet_nat_router_address>
388	366	<!-- TODO: Update this. -->
389	367	<address description="eth0 interface static IP">

honeyclient/trunk/lib/HoneyClient/Manager.pm

r1201	r1203
239	239	use HoneyClient::Util::Config qw(getVar);
240	240
241		# Check if HoneyClient::DB support is enabled.
	241	# Check if HoneyClient::Manager::Database support is enabled.
242	242	my $DB_ENABLE = getVar(name => "enable",
243		namespace => "HoneyClient::DB");
244
	243	namespace => "HoneyClient::Manager::Database");
245	244	if ($DB_ENABLE) {
246		# Make sure HoneyClient::~~DB::Fingerprint loads.~~
247		require_ok('HoneyClient::~~DB::Fingerprint~~');
248		require HoneyClient::~~DB::Fingerprint~~;
	245	# Make sure HoneyClient::Manager::Database loads.
	246	require_ok('HoneyClient::Manager::Database');
	247	require HoneyClient::Manager::Database;
249	248	}
250	249
…	…
286	285	# XXX: Remove this, eventually.
287	286	# TODO: Include unit tests.
288		use HoneyClient::Manager::VM qw();
289
290		# Check if HoneyClient::DB support is enabled.
	287	#use HoneyClient::Manager::VM qw();
	288
	289	# Check if HoneyClient::Manager::Database support is enabled.
291	290	our $DB_ENABLE = getVar(name => "enable",
292		namespace => "HoneyClient::DB");
	291	namespace => "HoneyClient::Manager::Database");
293	292	our $clientDbId = 0;
294		~~our %link_categories;~~
295	293
296	294	if ($DB_ENABLE) {
297		~~# Include HoneyClient::DB Utility Libraries~~
298		~~# TODO: Include unit tests.~~
299		~~require HoneyClient::DB::Fingerprint;~~
300		~~require HoneyClient::DB::Client;~~
301		~~require HoneyClient::DB::Url::History;~~
302		~~require HoneyClient::DB::Time;~~
303		~~%link_categories = (~~
304		~~$HoneyClient::DB::Url::History::STATUS_VISITED => 'links_visited',~~
305		~~$HoneyClient::DB::Url::History::STATUS_TIMED_OUT => 'links_timed_out',~~
306		~~# For the time being, ignored links will not be inserted.~~
307		~~# $HoneyClient::DB::Url::History::STATUS_IGNORED => 'links_ignored',~~
308		);
309
310	295	require HoneyClient::Manager::Database;
311	296	}
…	…
327	312	use Storable qw(nfreeze thaw);
328	313
329		~~# Include VmPerl Constants.~~
330		~~# TODO: Include unit tests.~~
331		~~use VMware::VmPerl qw(VM_EXECUTION_STATE_ON~~
332		~~VM_EXECUTION_STATE_OFF~~
333		~~VM_EXECUTION_STATE_STUCK~~
334		~~VM_EXECUTION_STATE_SUSPENDED);~~
335
336	314	# TODO: Include unit tests.
337	315	use IO::File;
…	…
351	329	# The global logging object.
352	330	our $LOG = get_logger();
353
354		~~# Complete URL of SOAP server, when initialized.~~
355		~~our $URL_BASE : shared = undef;~~
356		~~our $URL : shared = undef;~~
357
358		~~# The process ID of the SOAP server daemon, once created.~~
359		~~our $DAEMON_PID : shared = undef;~~
360
361		~~# XXX: These will be migrated somewhere else, eventually.~~
362		~~our $vmCloneConfig = undef;~~
363	331
364	332	# This is a temporary, shared variable, used to print out the
…	…
422	390	=cut
423	391
424		sub init {
425		# Extract arguments.
426		# Hash-based arguments are used, since HoneyClient::Util::SOAP is unable to handle
427		# hash references directly. Thus, flat hashtables are used throughout the code
428		# for consistency.
429		my ($class, %args) = @_;
430
431		# XXX: Finish this.
432		}
	392	#sub init {
	393	# # Extract arguments.
	394	# # Hash-based arguments are used, since HoneyClient::Util::SOAP is unable to handle
	395	# # hash references directly. Thus, flat hashtables are used throughout the code
	396	# # for consistency.
	397	# my ($class, %args) = @_;
	398	#
	399	# # XXX: Finish this.
	400	#}
433	401
434	402	=pod
…	…
452	420	=cut
453	421
454		sub destroy {
455		my $ret = undef;
456
457		# XXX: Finish this.
458
459		return $ret;
460		}
	422	#sub destroy {
	423	# my $ret = undef;
	424	#
	425	# # XXX: Finish this.
	426	#
	427	# return $ret;
	428	#}
461	429
462	430	#######################################################################
…	…
535	503	$SIG{TERM} = sub { };
536	504
537		~~# XXX: Remove this, eventually.~~
538		~~# HoneyClient::Manager::VM->destroy();~~
539
540	505	# XXX: Need to clean this up.
541	506	my $stubFW = getClientHandle(namespace => "HoneyClient::Manager::FW");
…	…
544	509	# Reset the firewall, to allow everything open.
545	510	$stubFW->allowAllTraffic();
546
547		~~# XXX: Remove this, eventually.~~
548		~~# # Check to see if a clone was created...~~
549		~~# if (defined($vmCloneConfig)) {~~
550		~~# # We sleep for a bit, to make sure that the previous VM daemon was~~
551		~~# # properly destroyed and released the previous port that was in use.~~
552		~~# sleep (10);~~
553		#
554		~~# # We reinstantiate a new VM daemon, because if the user had hit CTRL-C~~
555		~~# # or called any other signal, then that signal would propagate to all~~
556		~~# # processes, causing the VM daemon's signal handler to self terminate.~~
557		~~# #~~
558		~~# # Hence, rather than fight the VM daemon's natural self termination,~~
559		~~# # we let the daemon die, but the create a new one, for the sole purpose~~
560		~~# # of cleaning up the clones.~~
561		~~# HoneyClient::Manager::VM->init();~~
562		~~# $LOG->info("Calling suspendVM(config => " . $vmCloneConfig . ").");~~
563		~~# my $stubVM = getClientHandle(namespace => "HoneyClient::Manager::VM");~~
564		~~# $stubVM->suspendVM(config => $vmCloneConfig);~~
565		~~# print "Done!\n";~~
566		~~# HoneyClient::Manager::VM->destroy();~~
567		~~# }~~
568	511
569	512	# This variable may contain a filename that the Manager
…	…
583	526	$dump_file->close();
584	527	}
585		#XXX: Insert Urls. To be moved eventually.
	528
586	529	if ($DB_ENABLE && ($clientDbId > 0)) {
587	530	$LOG->info("Saving URL History to Database.");
…	…
667	610	$args{'agent_state'} = $agentState;
668	611
669		# XXX: ~~Delete~~ this, eventually.
	612	# XXX: Fix this, eventually.
670	613	$globalAgentState = $agentState;
671
672		~~#$Data::Dumper::Terse = 0;~~
673		~~#$Data::Dumper::Indent = 2;~~
674		~~#print Dumper(thaw(decode_base64($agentState)));~~
675	614	}
676	615	}
…	…
684	623	my ($class, %args) = @_;
685	624
686		# XXX: Remove some of these, eventually.
687		my $stubVM = undef;
	625	# XXX: Remove some of these, eventually.
688	626	my $stubFW = undef;
689	627	my $stubAgent = undef;
690	628	my $som = undef;
691	629	my $ret = undef;
692		my $vmIP = undef;
693		my $vmMAC = undef;
694		my $vmName = undef;
695		my $URL = undef;
696		my $vmState = undef;
	630	# XXX: Need to figure out a way to move this data into the VM object.
697	631	my $vmCompromised = 0;
698	632	my $vmStateTable = { };
…	…
837	771	# Put URL History in database.
838	772	$LOG->info("Saving URL History to Database.");
839		insert_url_history(agent_state => $args{'agent_state'},
840		client_id => $vm->database_id);
	773	$args{'agent_state'} = insert_url_history(agent_state => $args{'agent_state'},
	774	client_id => $vm->database_id);
	775	$globalAgentState = $args{'agent_state'};
841	776
842	777	# Delete the 'last_resource' attribute.
…	…
876	811	# Put URL History in database.
877	812	$LOG->info("Saving URL History to Database.");
878		insert_url_history(agent_state => $args{'agent_state'},
879		client_id => $vm->database_id);
	813	$args{'agent_state'} = insert_url_history(agent_state => $args{'agent_state'},
	814	client_id => $vm->database_id);
880	815
881	816	$args{'agent_state'} = get_urls($vm, $args{'agent_state'}, $args{'driver'});
	817	$globalAgentState = $args{'agent_state'};
882	818	print "Calling updateState()...\n";
883	819	$som = $stubAgent->updateState($args{'agent_state'});
…	…
958	894	my %args = @_;
959	895
960		my $~~agent_~~state = thaw(decode_base64($args{'agent_state'}));
961		my $~~agent_~~driver = undef;
962		foreach my $~~driver (keys %$agent_~~state) {
963		if ($~~agent_state->{$driver~~}) {
964		$~~agent_driver = $driver~~;
	896	my $state = thaw(decode_base64($args{'agent_state'}));
	897	my $driver = undef;
	898	foreach my $key (keys %$state) {
	899	if ($state->{$key}) {
	900	$driver = $key;
965	901	last;
966	902	}
…	…
968	904
969	905	# Set the client ID.
970		$~~agent_state->{$agent_~~driver}->{'client_id'} = $args{'client_id'};
	906	$state->{$driver}->{'client_id'} = $args{'client_id'};
971	907
972	908	# XXX: Delete this, eventually.
973	909	use Data::Dumper;
974		$LOG->info("agent_state = " . Data::Dumper::Dumper($agent_state));
975
976		# XXX: We should delete the URLs from agent_state after successfully committing them into the database.
977
978		my $num_urls_inserted = HoneyClient::Manager::Database::insert_history_urls($agent_state->{$agent_driver});
	910	$LOG->info("agent_state = " . Data::Dumper::Dumper($state));
	911
	912	my $num_urls_inserted = HoneyClient::Manager::Database::insert_history_urls($state->{$driver});
979	913	$LOG->info($num_urls_inserted . " URL(s) Inserted.");
	914
	915	# Flush the URL history, after committing to the database.
	916	$state->{$driver}->{'links_visited'} = {};
	917	return encode_base64(nfreeze($state));
980	918	}
981	919
…	…
1020	958	my $state = thaw(decode_base64($agent_state));
1021	959
	960	my $queue_url_list = {};
	961	$LOG->info("Waiting for new URLs from database.");
1022	962	# XXX: We hardcode the value of 10 URLs to request; this will change, eventually.
1023		~~my $queue_url_list = {};~~
1024		~~$LOG->info("Retrieving new URLs from database.");~~
1025	963	$queue_url_list = HoneyClient::Manager::Database::get_queue_urls(10, $vm->database_id);
1026	964	my $remoteLinksExist = scalar(%{$queue_url_list});
…	…
1032	970	# XXX: Hardcoded timeout.
1033	971	sleep (2);
1034		~~#$LOG->info("Retrieving new URLs from database.");~~
1035	972	$queue_url_list = HoneyClient::Manager::Database::get_queue_urls(10, $vm->database_id);
1036	973	$remoteLinksExist = scalar(%{$queue_url_list});

honeyclient/trunk/lib/HoneyClient/Manager/Database.pm

r1140	r1203
223	223	# Perform the RPC call.
224	224	# XXX: Externalize this URL.
225		my $xmlrpc = XML::RPC->new('http://172.16.164.103:3000/hc_database/api');
	225	my $xmlrpc = XML::RPC->new(getVar(name => "url"));
	226	#my $xmlrpc = XML::RPC->new('http://172.16.164.103:3000/hc_database/api');
226	227	#my $ret = $xmlrpc->call($name,$obj_yaml);
227	228	my $ret = $xmlrpc->call($name,@_);

Download in other formats:

Powered by Trac 0.10.4
By Edgewall Software.

Privacy Policy | Terms of Use | Contact Us
This project is sponsored by The MITRE Corporation. Applying systems engineering and advanced technology to critical national problems.
Copyright © 2004-2008, The MITRE Corporation. All rights reserved. MITRE is a registered trademark of The MITRE Corporation.
Material on this site may be copied and distributed with permission only. MITRE has no control over content on external sites unless noted.