Python is_ipv4_net Beispiele

Beispiel #1

Datei: spamhaus_ip.py Projekt: noodled/verbose-robot

def process(i):
    if not ENABLED:
        return

    if i.itype not in ['ipv4', 'ipv6']:
        return

    if i.provider == 'spamhaus.org' and not is_ipv4_net(i.indicator):
        return

    try:
        r = _resolve(i.indicator)
    except Exception as e:
        return

    r = CODES.get(str(r), None)
    if not r:
        return

    f = Indicator(**i.__dict__())

    f.tags = [r['tags']]
    f.description = r['description']
    f.confidence = CONFIDENCE
    f.provider = PROVIDER
    f.reference_tlp = 'white'
    f.reference = 'http://www.spamhaus.org/query/bl?ip={}'.format(f.indicator)
    f.lasttime = arrow.utcnow()
    f.probability = 0
    return f

Beispiel #2

Datei: spamhaus_ip.py Projekt: csirtgadgets/bearded-avenger

    def process(self, i, router):
        if i.itype != 'ipv4' and i.itype != 'ipv6':
            return

        if i.provider == 'spamhaus.org' and not is_ipv4_net(i.indicator):
            return

        try:
            r = self._resolve(i.indicator)
            try:
                r = CODES.get(str(r), None)
            except Exception as e:
                # https://www.spamhaus.org/faq/section/DNSBL%20Usage
                self.logger.error(e)
                self.logger.info('check spamhaus return codes')
                r = None

            if r:
                f = Indicator(**i.__dict__())

                f.tags = [r['tags']]
                f.description = r['description']
                f.confidence = CONFIDENCE
                f.provider = PROVIDER
                f.reference_tlp = 'white'
                f.reference = 'http://www.spamhaus.org/query/bl?ip={}'.format(f.indicator)
                f.lasttime = arrow.utcnow()
                x = router.indicators_create(f)

        except Exception as e:
            self.logger.error(e)
            import traceback
            traceback.print_exc()

Beispiel #3

Datei: spamhaus_ip.py Projekt: richardmaize/bearded-avenger

    def process(self, i, router):
        if i.itype != 'ipv4' and i.itype != 'ipv6':
            return

        if i.provider == 'spamhaus.org' and not is_ipv4_net(i.indicator):
            return

        try:
            r = self._resolve(i.indicator)
            try:
                r = CODES.get(str(r), None)
            except Exception as e:
                # https://www.spamhaus.org/faq/section/DNSBL%20Usage
                self.logger.error(e)
                self.logger.info('check spamhaus return codes')
                r = None

            if r:
                f = Indicator(**i.__dict__())

                f.tags = [r['tags']]
                f.description = r['description']
                f.confidence = CONFIDENCE
                f.provider = PROVIDER
                f.reference_tlp = 'white'
                f.reference = 'http://www.spamhaus.org/query/bl?ip={}'.format(
                    f.indicator)
                x = router.indicators_create(f)

        except Exception as e:
            self.logger.error(e)
            import traceback
            traceback.print_exc()

Beispiel #4

Datei: spamhaus_ip.py Projekt: csirtgadgets/bearded-avenger

    def process(self, i, router, **kwargs):
        if 'search' in i.tags:
            return

        if i.itype != 'ipv4' and i.itype != 'ipv6':
            return

        if i.provider == 'spamhaus.org' and not is_ipv4_net(i.indicator):
            return

        try:
            r = self._resolve(i.indicator)
            try:
                r = CODES.get(str(r), None)
            except Exception as e:
                # https://www.spamhaus.org/faq/section/DNSBL%20Usage
                self.logger.error(e)
                self.logger.info('check spamhaus return codes')
                r = None

            if r:
                f = Indicator(**i.__dict__())

                f.tags = [r['tags']]
                if 'hunter' not in f.tags:
                    f.tags.append('hunter')
                f.description = r['description']
                f.confidence = CONFIDENCE
                f.provider = PROVIDER
                f.reference_tlp = 'white'
                f.reference = 'http://www.spamhaus.org/query/bl?ip={}'.format(
                    f.indicator)
                f.lasttime = f.reporttime = arrow.utcnow()
                x = router.indicators_create(f)
                self.logger.debug("Spamhaus IP: {}".format(x))

        except Exception as e:
            self.logger.error(
                "[Hunter: SpamhausIp] {}: giving up on indicator {}".format(
                    e, i))
            import traceback
            traceback.print_exc()

Beispiel #5

Datei: spamhaus_ip.py Projekt: DrizzleRisk/bearded-avenger

    def process(self, i, router):
        if (i.itype == 'ipv4' or i.itype == 'ipv6') and i.provider != 'spamhaus.org' and not is_ipv4_net(i.indicator):
            try:
                r = self._resolve(i.indicator)
                try:
                    r = CODES.get(str(r), None)
                except Exception as e:
                    # https://www.spamhaus.org/faq/section/DNSBL%20Usage
                    self.logger.error(e)
                    self.logger.info('check spamhaus return codes')
                    r = None

                if r:
                    f = Indicator(**i.__dict__)

                    f.tags = [r['tags']]
                    f.description = r['description']
                    f.confidence = CONFIDENCE
                    f.provider = PROVIDER
                    f.reference_tlp = 'white'
                    f.reference = 'http://www.spamhaus.org/query/bl?ip={}'.format(f.indicator)
                    x = router.indicators_create(f)
                    self.logger.debug(x)
            except dns.resolver.NoAnswer:
                self.logger.info('no answer...')
            except dns.resolver.NXDOMAIN:
                self.logger.info('nxdomain...')
            except Exception as e:
                self.logger.error(e)
                import traceback
                traceback.print_exc()