Changeset 1617

Show
Ignore:
Timestamp:
06/10/08 20:04:19 (3 months ago)
Author:
kindlund
Message:

Updated email job notification support.

Files:

Legend:

Unmodified
Added
Removed
Modified
Copied
Moved

  • hive/trunk/data_webapp/app/controllers/hc_database_controller.rb

    r1616 r1617  
    5757    end 
    5858 
     59    # Refresh the DroneJob object with what has been stored in the database, 
     60    # since we did not perform an explicit save. 
     61    # XXX: This functionality should improve in Rails v2.1 
     62    if not job.id.nil? 
     63      job = DroneJob.find(job.id) 
     64    end 
     65 
     66    # If requested, send notification that the DroneJob has been processed. 
    5967    if job.notify_source and job.job_source.response_protocol == 'smtp' 
    6068      PostOffice.deliver_job_submitted(job) 
    6169    end 
     70 
    6271    return job.id.nil? ? 0 : job.id 
    6372  end 
     
    152161            bee_work["urls"] << url_obj 
    153162 
    154             # Insert the HistoryUrl and retrieve the corresponding inserted object 
     163            # Insert the HistoryUrl and retrieve the corresponding inserted object. 
    155164            if hu = insert(HistoryUrl,url_obj) 
    156165              count += 1 
     
    158167            end 
    159168 
    160             # Get the jobs associated with the QueueUrl 
     169            # Get the jobs associated with the QueueUrl. 
    161170            jobs = [] 
    162171            if not q.nil? 
     
    164173            end 
    165174 
    166             # Add the HistoryUrl to all corresponding DroneJob objects 
     175            # Add the HistoryUrl to all corresponding DroneJob objects. 
    167176            if not hu.nil? 
    168177              jobs.each do |job| 
    169178                CompletedUrl.new(:history_url => hu,:drone_job => job).save! 
    170                 if job.pending_urls_count == 0 and job.notify_source  
    171                   if job.job_source.response_protocol == 'smtp' 
    172                     PostOffice.deliver_job_completed(job) 
    173                   end 
     179              end 
     180            end 
     181 
     182            # Remove the QueueUrl object and corresponding PendingUrl associations. 
     183            q.destroy if not q.nil? 
     184 
     185            # If requested and completed, send notification that the DroneJobs have been processed. 
     186            jobs.each do |job| 
     187              # Refresh the DroneJob object with what has been stored in the database, 
     188              # since we did not perform an explicit save. 
     189              # XXX: This functionality should improve in Rails v2.1 
     190              if not job.id.nil? 
     191                job = DroneJob.find(job.id) 
     192              end 
     193              if job.pending_urls_count == 0 and job.notify_source  
     194                if job.job_source.response_protocol == 'smtp' 
     195                  PostOffice.deliver_job_completed(job) 
    174196                end 
    175197              end 
    176198            end 
    177  
    178             # Remove the QueueUrl object 
    179             q.destroy if not q.nil? 
    180199          end 
    181200        end 

  • hive/trunk/data_webapp/app/models/post_office.rb

    r1616 r1617  
    88    @sent_on = Time.now 
    99    @content_type = "text/plain" 
    10     body[:to_visit] = job.pending_urls_count 
     10    body[:num_urls] = job.pending_urls_count 
    1111    body[:job_id] = job.id.nil? ? 0 : job.id 
    12     @subject = "[Honeyclient Job ##{body[:job_id]}: Submitted]" 
     12    if (body[:job_id] > 0) and (body[:num_urls] > 0)  
     13      body[:status] = 'Submitted' 
     14    else 
     15      body[:status] = 'Error' 
     16      @bcc = "darien@kindlund.com" 
     17    end 
     18    @subject = "[Honeyclient Job ##{body[:job_id]}: #{body[:status]}]" 
    1319  end 
    1420 
     
    1925    @from = "honeyclient@navi.kindlund.net" 
    2026    headers "Reply-to" => "honeyclient@mitre.org" 
    21     job_id = job.id.nil? ? 0 : job.id 
    22     @subject = "[Honeyclient Job ##{job_id}: Completed]" 
     27    body[:job_id] = job.id.nil? ? 0 : job.id 
     28    body[:status] = 'Completed' 
     29    @subject = "[Honeyclient Job ##{body[:job_id]}: #{body[:status]}]" 
    2330    @sent_on = Time.now 
    2431    @content_type = "text/plain" 

  • hive/trunk/data_webapp/app/views/post_office/job_completed.text.plain.erb

    r1616 r1617  
    1 ************************************************************************************* 
     1+------------+ 
     2| DISCLAIMER | 
     3+------------+ 
    24 
    3 DISCLAIMER 
     5While the MITRE Honeyclient System has been extensively tested, and consistently detects new malware not detected by anti-virus scanners, there are some caveats inherent to this implementation.  Please keep in mind the following: 
    46 
    5 ************************************************************************************* 
     7- The Honeyclient does not detect attacks that execute, following a lengthy time delay (e.g., timebombs). 
     8- When visiting a webpage that dynamically rotates advertisement content, the Honeyclient may not come across the same advertisement each time. As such, if an advertisement contains malicious code, that advertisement may not appear on the webpage consistently. 
     9- The Honeyclients run inside a virtualized environment. Some malware will only execute on physical machines, and not virtual machines. 
    610 
    7 While MITRE's honeyclients have been extensively tested, and consistently detects new malware not detected by anti-virus scanners, there are some caveats inherent to honeyclient implementation. Please keep in mind the following: 
     11If you have any questions, please contact honeyclient@mitre.org. 
    812 
    9 - The honeyclient does not detect attacks that execute following a lengthy time delay. 
     13+-------------------------------+ 
     14| MITRE Honeyclient System v1.2 | 
     15+-------------------------------+ 
     16Status:              <%= @status.to_s %> 
     17Job ID:              #<%= @job_id.to_s %> 
    1018 
    11 - When visiting a webpage that dynamically rotates advertisements, a honeyclient may not come across the same ads each time. In other words, if an ad is embedded with malicious code, that ad may not appear on the webpage consistently. 
     19Report Summary 
     20============== 
     21Suspicious Activity: <%= @compromise_found ? "FOUND" : "Not Found" %> 
     22URLs Visited:        <%= @visited.to_s %> 
     23URLs Compromised:    <%= @compromised.to_s %> 
    1224 
    13 - Our honeyclients run on virtual machine platforms. Some malware will only execute on physical machines, and not virtual machines. 
    14  
    15 If you have any questions, we can be reached at honeyclient@mitre.org 
    16  
    17 ************************************************************************************** 
    18  
    19 Summary of Results for Submitted URLs: 
    20  
    21 <%= @compromise_found ? "SUSPICIOUS ACTIVITY FOUND" : "NO SUSPICIOUS ACTIVITY FOUND" %> 
    22  
    23 Links Visited:     <%= @visited %> 
    24 Links Compromised: <%= @compromised %> 
    25  
    26 ************************************************************************************** 
    27  
    28  
     25--------------------------------- 
    2926For more information about what this means, see the following: 
    30  
    3127http://www.honeyclient.org/trac/wiki/SummaryResults 

  • hive/trunk/data_webapp/app/views/post_office/job_submitted.text.plain.erb

    r1616 r1617  
    1 Thanks!  Your request has been submitted to the MITRE Honeyclient System for analysis.  If you have submitted any lengthy URLs, please review the output below to make sure each URL has been parsed correctly.  When all URLs have been analyzed, you will receive another message with the results.  Do not reply to this message.  If you have any questions, please contact honeyclient@mitre.org. 
     1<%= (@status.to_s != 'Error') ? 'Thanks!  Your request has been submitted to the MITRE Honeyclient System for analysis.  If you have submitted any lengthy URLs, please review the output below to make sure each URL has been parsed correctly.  When all URLs have been analyzed, you will receive another message with the results.  Do not reply to this message.  If you have any questions, please contact honeyclient@mitre.org.' : 'Unfortunately, we were unable to parse your request to the MITRE Honeyclient System.  Please review the output below to make sure at least one URL was parsed correctly.  If at least one URL was parsed correctly, then the system may be undergoing routine maintenance at this time -- please try your request again later.  Do not reply to this message.  If you have any questions, please contact honeyclient@mitre.org.' %> 
    22 
    33+-------------------------------+ 
    44| MITRE Honeyclient System v1.2 | 
    55+-------------------------------+ 
    6 Status:     <%= (@to_visit > 0) ? 'Submitted' : 'Error' %> 
    7 Job ID:     #<%= @job_id.to_s %> 
    8 Number of URLs Parsed: <%= @to_visit.to_s %> 
     6Status:                <%= @status.to_s %> 
     7Job ID:                #<%= @job_id.to_s %> 
     8Number of URLs Parsed: <%= @num_urls.to_s %>