Esempio n. 1
 def __init__(self):
     """Create the configuration, database handle and ntop proxy manager.

     The database host, schema, user and password are taken from the
     OssimConf instance; none of them is hard-coded here.
     """
     conf = OssimConf()
     self.__conf = conf
     self.__db = OssimDB(
         conf[VAR_DB_HOST],
         conf[VAR_DB_SCHEMA],
         conf[VAR_DB_USER],
         conf[VAR_DB_PASSWORD],
     )
     # Bookkeeping values all start at zero.
     self.__stored_id = self.__stored_num = self.__header_id = 0
     self.__ntop_apache_manager = ApacheNtopProxyManager(conf)
     self.__last_ntop_link = ""
     # Thread state is initialised last, as in the rest of this codebase.
     threading.Thread.__init__(self)
Esempio n. 2
 def __init__(self):
     """Load the configuration file and prepare the thread's helpers.

     The database object is created without arguments here; no connection
     parameters are passed to it in this constructor.
     """
     conf = OssimConf(Const.CONFIG_FILE)
     self.__conf = conf
     self.__db = OssimDB()
     # Bookkeeping values all start at zero.
     self.__stored_id = self.__stored_num = self.__header_id = 0
     self.__ntop_apache_manager = ApacheNtopProxyManager(conf)
     self.__last_ntop_link = ""
     threading.Thread.__init__(self)
Esempio n. 3
 def __init__(self):
     """Prepare configuration, database access and the ntop proxy manager.

     Connection settings for the database come from the configuration
     object (VAR_DB_* keys), so credentials live in configuration rather
     than in this source file.
     """
     self.__conf = OssimConf()
     db_settings = [
         self.__conf[key]
         for key in (VAR_DB_HOST, VAR_DB_SCHEMA, VAR_DB_USER, VAR_DB_PASSWORD)
     ]
     self.__db = OssimDB(*db_settings)
     self.__stored_id = 0
     self.__stored_num = 0
     self.__header_id = 0
     self.__ntop_apache_manager = ApacheNtopProxyManager(self.__conf)
     self.__last_ntop_link = ""
     threading.Thread.__init__(self)
Esempio n. 4
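    def main(self):
        """Start the daemon: check the ntop proxy config and launch workers.

        For every name in ``self.__classes`` the configuration entry
        ``frameworkd_<name>`` decides whether the worker is started. A
        worker is the class called ``<name>`` inside the module called
        ``<name>``; it is instantiated without arguments and ``start()``ed.
        The two autodiscovery workers are handled the same way.

        The module is resolved with ``__import__``/``getattr`` instead of
        building source text for ``exec``, so a name can only ever be used
        as a module/attribute name and never be interpreted as code.
        """

        def start_worker(name):
            # Same lookup as "from <name> import <name>", without exec.
            module = __import__(name, globals(), locals(), [name])
            worker = getattr(module, name)()
            worker.start()
            return worker

        enabled_values = ('1', 'yes', 'true')

        logger.info("Frameworkd is starting up...")
        conf = OssimConf(Const.CONFIG_FILE)
        ap = ApacheNtopProxyManager(conf)
        self.checkEncryptionKey(conf['ossim_host'], conf['ossim_base'],
                                conf['ossim_user'], conf['ossim_pass'])
        logger.info("Check ntop proxy configuration ...")
        ap.refreshConfiguration()
        ap.close()

        for c in self.__classes:
            conf_entry = "frameworkd_" + c.lower()
            logger.info("Conf entry:%s value: %s" % (conf_entry, conf[conf_entry]))
            if str(conf[conf_entry]).lower() in enabled_values:
                logger.info(c.upper() + " is enabled")
                start_worker(c)
            else:
                logger.info(c.upper() + " is disabled")

        # Autodiscovery
        # NOTE(review): unlike the loop above, these two checks do not
        # lower-case the value, so "Yes"/"TRUE" leave the worker disabled.
        # Kept as found; confirm whether that is intended.

        # Ntop
        if str(conf["network_auto_discovery"]) in enabled_values:
            logger.info("NtopDiscovery" + " is enabled")
            start_worker("NtopDiscovery")

        # Nedi
        if str(conf["nedi_autodiscovery"]) in enabled_values:
            logger.info("nediDiscovery" + " is enabled")
            start_worker("nediDiscovery")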
Esempio n. 5
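    def main(self):
        """Start the daemon: check the ntop proxy config and launch workers.

        For every name in ``self.__classes`` the configuration entry
        ``frameworkd_<name>`` decides whether the worker is started. A
        worker is the class called ``<name>`` inside the module called
        ``<name>``; it is instantiated without arguments and ``start()``ed.
        The two autodiscovery workers are handled the same way.

        Workers are resolved with ``__import__``/``getattr`` rather than by
        formatting source text for ``exec``, and the body is indented with
        spaces only (the autodiscovery section used tabs, which is fragile
        under Python 2 and rejected by Python 3).
        """

        def start_worker(name):
            # Same lookup as "from <name> import <name>", without exec.
            module = __import__(name, globals(), locals(), [name])
            worker = getattr(module, name)()
            worker.start()
            return worker

        enabled_values = ('1', 'yes', 'true')

        logger.info("Frameworkd is starting up...")
        self.checkEncryptionKey()
        from OssimConf import OssimConf
        conf = OssimConf(Const.CONFIG_FILE)

        logger.info("Check ntop proxy configuration ...")
        ap = ApacheNtopProxyManager(conf)
        ap.refreshConfiguration()

        for c in self.__classes:
            conf_entry = "frameworkd_" + c.lower()

            if str(conf[conf_entry]).lower() in enabled_values:
                logger.info(c.upper() + " is enabled")
                start_worker(c)
            else:
                logger.info(c.upper() + " is disabled")

        # Autodiscovery
        # NOTE(review): unlike the loop above, these two checks do not
        # lower-case the value, so "Yes"/"TRUE" leave the worker disabled.
        # Kept as found; confirm whether that is intended.

        # Ntop
        if str(conf["network_auto_discovery"]) in enabled_values:
            logger.info("NtopDiscovery" + " is enabled")
            start_worker("NtopDiscovery")

        # Nedi
        if str(conf["nedi_autodiscovery"]) in enabled_values:
            logger.info("nediDiscovery" + " is enabled")
            start_worker("nediDiscovery")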
Esempio n. 6
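 def __init__(self, conf):
     """Initialise the manager's state, connect the DB and start DoControl.

     Args:
         conf: configuration object; its VAR_DB_* entries supply the
             database host, schema, user and password.
     """
     logger.debug("Initialising ControlManager...")
     self.control_agents = {}
     self.transaction_map = {}
     self.__myconf = conf
     self.__transaction_timeout = 60
     self.__ntop_configuration_checked = False
     self.__mutexRquest = Lock()
     self.__myDB = OssimDB(conf[VAR_DB_HOST],
                           conf[VAR_DB_SCHEMA],
                           conf[VAR_DB_USER],
                           conf[VAR_DB_PASSWORD])
     # connect() result is kept so later code can tell whether the DB is usable.
     self.__myDB_connected = self.__myDB.connect()
     self.__ntop_apache_manager = ApacheNtopProxyManager(conf)
     # The worker receives this instance and is started immediately, so it
     # is created last: every attribute above (including the lock) already
     # exists before the worker can call back into the manager.
     self.__control = DoControl(self)
     self.__control.start()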
Esempio n. 7
    def handle(self):
        """Serve one client connection of the line-based command protocol.

        Lines are read from ``self.rfile``; the first whitespace-separated
        token selects the handler, and any non-empty response is written
        back to ``self.wfile``. The ``except`` clauses of the ``try`` below
        are not part of this excerpt.

        NOTE(review): no authentication or peer check is visible in this
        method before a command is dispatched -- confirm that access to
        the listening socket is restricted elsewhere.
        """
        # Manager objects are module-level singletons created on first use.
        global controlmanager
        global bkmanager
        global asechandler
        self.__id = None

        logger.debug("Request from: %s:%i" % (self.client_address))

        while 1:
            try:
                # Only '\n' is stripped; a trailing '\r' stays in the line.
                line = self.rfile.readline().rstrip('\n')
                if len(line) > 0:
                    # A line made only of whitespace passes the length check
                    # but split() returns [], so this raises IndexError.
                    command = line.split()[0]

                    # set sane default response
                    response = ""

                    # check if we are a "control" request message
                    if command == "control":
                        # spawn our control timer
                        if controlmanager == None:
                            controlmanager = ControlManager(OssimConf())

                        response = controlmanager.process(self, command, line)

                    # otherwise we are some form of standard control message

                    elif command == "nagios":
                        # NOTE(review): __nagiosmanager is read here before
                        # any assignment in this method; presumably it is
                        # initialised elsewhere in the class -- confirm.
                        if self.__nagiosmanager == None:
                            self.__nagiosmanager = NagiosManager(OssimConf())

                        response = self.__nagiosmanager.process(line)

                    elif command == "ping":
                        response = "pong\n"

                    elif command == "add_asset" or command == "remove_asset" or command == "refresh_asset_list":
                        # The client's line is not forwarded: all three
                        # commands send the same fixed refresh action.
                        linebk = ""
                        if controlmanager == None:
                            controlmanager = ControlManager(OssimConf())
                        linebk = "action=\"refresh_asset_list\"\n"
                        response = controlmanager.process(self, command, linebk)

#                    elif command == "refresh_inventory_task":
#                        if controlmanager == None:
#                            controlmanager = ControlManager(OssimConf())
#                        response = controlmanager.process(self, command, linebk)

                    elif command == "refresh_sensor_list":
                        # No response is produced for this command.
                        logger.info("Check ntop proxy configuration ...")
                        ap = ApacheNtopProxyManager(OssimConf())
                        ap.refreshConfiguration()
                        ap.close()
                    elif command == "backup":
                        if bkmanager == None:
                            bkmanager=  BackupRestoreManager(OssimConf())
                        response =  bkmanager.process(line)
                    elif command == "asec":
                        if asechandler == None:
                            asechandler = ASECHandler(OssimConf())
                        response = asechandler.process_web(self, line)
                    elif command == "asec_m":#struct.unpack('!H',line[0:2])[0] == 0x1F1F:
                        #it's a tlv 
                        if asechandler == None:
                            asechandler = ASECHandler(OssimConf())
                        response = asechandler.process(self,line)
                    elif command == "ws":
                        # The single-element unpacking raises ValueError when
                        # the line carries no "ws_data=" part.
                        [ws_data] = re.findall('ws_data=(.*)$', line)
                        try:
                            # Client-supplied JSON; the parsed value is also
                            # written to the log below.
                            ws_json = json.loads(ws_data)
                            logger.info("Received new WS: %s" % str(ws_json))
                        except Exception, msg:
                            logger.warning ("WS json is invalid: '%s'" % line)
                        else:
                            # Nothing checks that ws_json is a dict holding a
                            # string 'ws_id': a missing key raises KeyError and
                            # a non-dict or non-string value raises
                            # TypeError/AttributeError. The warning in the
                            # else branch is only reached for an empty string.
                            if ws_json['ws_id'] != '':

                                # One handler per comma-separated id; only the
                                # response of the last successful one is kept.
                                for ws_id in ws_json['ws_id'].split(','):
                                    try:
                                        ws_handler = WSHandler(OssimConf(), ws_id)
                                    except Exception, msg:
                                        logger.warning (msg)
                                    else:
#                                        response = ws_handler.process_json(ws_type, ws_data)
                                        response = ws_handler.process_json('insert', ws_json)
                            else:
                                logger.warning ("WS command does not contain a ws_id field: '%s'" % line)
                    else:
                        # Every unrecognised command ends up here with the raw
                        # client line. NOTE(review): validation of that line
                        # has to happen inside Action.Action -- confirm.
                        a = Action.Action(line)
                        a.start()

                        # Group Alarms
                        #ag = AlarmGroup.AlarmGroup()
                        #ag.start()

                    # return the response as appropriate
                    if len(response) > 0:
                        self.wfile.write(response)

                    line = ""
Esempio n. 8
    def handle(self):
        """Serve one client connection of the line-based command protocol.

        Each line read from ``self.rfile`` is dispatched on its first
        whitespace-separated token; a non-empty response is written to
        ``self.wfile``. An empty read ends the session. Socket errors and
        the IndexError raised by a whitespace-only line are logged and the
        loop goes on to the next read.

        NOTE(review): no authentication or peer check is visible in this
        method before a command is dispatched -- confirm that access to
        the listening socket is restricted elsewhere.
        """
        global controlmanager

        self.__id = None

        logger.debug("Request from: %s:%i" % (self.client_address))

        while True:
            try:
                line = self.rfile.readline().rstrip('\n')
                if len(line) == 0:
                    return

                # split() yields [] for a whitespace-only line -> IndexError.
                command = line.split()[0]
                response = ""

                if command == "control":
                    # The control manager is a module-level singleton,
                    # created on the first "control" request.
                    if controlmanager == None:
                        controlmanager = ControlManager(OssimConf(Const.CONFIG_FILE))
                    response = controlmanager.process(self, command, line)

                elif command == "nessus":
                    # NOTE(review): the class object itself is stored, not an
                    # instance, and process() is then looked up on the class
                    # -- confirm NessusManager.process works that way.
                    if self.__nessusmanager == None:
                        self.__nessusmanager = NessusManager
                    response = self.__nessusmanager.process(line)

                elif command == "nagios":
                    if self.__nagiosmanager == None:
                        self.__nagiosmanager = NagiosManager(OssimConf(Const.CONFIG_FILE))
                    response = self.__nagiosmanager.process(line)

                elif command == "ping":
                    response = "pong\n"

                elif command in ("add_asset", "remove_asset", "refresh_asset_list"):
                    # The client's line is not forwarded: all three commands
                    # send the same fixed refresh action.
                    if controlmanager == None:
                        controlmanager = ControlManager(OssimConf(Const.CONFIG_FILE))
                    linebk = "action=\"refresh_asset_list\"\n"
                    response = controlmanager.process(self, command, linebk)

                elif command == "refresh_sensor_list":
                    logger.info("Check ntop proxy configuration ...")
                    proxy_manager = ApacheNtopProxyManager(OssimConf(Const.CONFIG_FILE))
                    proxy_manager.refreshConfiguration()

                else:
                    # Any other command: the raw client line goes to Action.
                    action = Action.Action(line)
                    action.start()

                    # Group Alarms
                    #ag = AlarmGroup.AlarmGroup()
                    #ag.start()

                # Send the reply, if the handler produced one.
                if len(response) > 0:
                    self.wfile.write(response)

                line = ""

            except socket.error as e:
                logger.warning("Client disconnected..." )

            except IndexError:
                logger.error("IndexError")
Esempio n. 9
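class Scheduler(threading.Thread):
    """Background thread that mirrors plugin_scheduler rows into the crontab.

    Each iteration compares the highest id and the row count of the
    plugin_scheduler table with the values remembered from the last
    successful update. When either differs, everything below the OSSIM
    header line of the crontab is regenerated from the table.
    """

    def __init__(self):
        """Load the configuration and create the helpers used by run()."""
        self.__conf = OssimConf(Const.CONFIG_FILE)
        self.__db = OssimDB()
        self.__stored_id = 0
        self.__stored_num = 0
        self.__header_id = 0
        self.__ntop_apache_manager = ApacheNtopProxyManager(self.__conf)
        self.__last_ntop_link = ""
        threading.Thread.__init__(self)

    def __check_last_db_id(self):
        """Return True when the table's highest id differs from the stored one."""
        return self.__get_last_db_id() != self.__stored_id

    def __check_db_scheduler_count(self):
        """Return True when the table's row count differs from the stored one."""
        return self.__get_db_scheduler_count() != self.__stored_num

    def __get_last_db_id(self):
        """Return max(id) of plugin_scheduler, or 0 when there is none."""
        rows = self.__db.exec_query("select max(id) as id from plugin_scheduler")

        if rows != [] and rows[0]["id"] is not None:
            return rows[0]["id"]

        return 0

    def __get_db_scheduler_count(self):
        """Return count(id) of plugin_scheduler, or 0 when no row comes back."""
        rows = self.__db.exec_query("select count(id) as id from plugin_scheduler")

        for row in rows:
            return row["id"]

        return 0

    def __get_crontab(self):
        """Return the crontab lines that precede the OSSIM header line.

        ``crontab -l`` is run for the user the daemon runs as. When the
        header is found, the number it carries is stored in
        ``self.__header_id`` (as a string) and the lines read so far are
        returned; otherwise the whole listing is returned.
        """
        crontab = []
        pattern = r"#### OSSIM scheduling information, everything below this line will be erased. Last schedule:\s*\((\d+)\)\s* ####"

        output = os.popen("crontab -l")
        try:
            for line in output.readlines():
                result = re.findall(pattern, line)
                if result != []:
                    # Header found: keep what precedes it, drop the rest.
                    self.__header_id = result[0]
                    return crontab
                crontab.append(line)
        finally:
            output.close()

        # No header present.
        return crontab

    def __set_crontab(self, crontab):
        """Install *crontab* (a list of lines) through the crontab command.

        Returns:
            True when ``crontab <file>`` exits with status 0, False when
            the list is empty or the command fails.
        """
        # Local import: the module's import block is outside this class.
        import subprocess

        if len(crontab) < 1:
            logger.debug(
                "Since at least the warning line has to be present, something went wrong if crontab has less than 1 entry. Not overwriting crontab"
            )
            return False

        # mkstemp() creates and opens the file in one step with owner-only
        # permissions. mktemp() only returns a name, which leaves a window
        # in which another local user can create that path first.
        fd, tmp_name = tempfile.mkstemp(".ossim.scheduler")
        try:
            outfile = os.fdopen(fd, "w")
            try:
                for line in crontab:
                    outfile.write(line)
            finally:
                outfile.close()

            # Argument list, no shell involved in running the command.
            status = subprocess.call(["crontab", tmp_name])
        finally:
            # Remove the temporary file even when writing or the call fails.
            os.unlink(tmp_name)

        # Any non-zero status is a failure. A "status < 0" test lets a
        # positive exit code of a rejected crontab count as success.
        return status == 0

    @staticmethod
    def __cron_field_ok(value):
        """Return True if *value* is usable as one crontab time field.

        Only digits, letters and ``* / , -`` are accepted, so a value can
        never contain whitespace or a line break.
        """
        return re.match(r"[0-9A-Za-z*/,-]+\Z", "%s" % (value,)) is not None

    def __format_entry(self, row, frameworkd_dir):
        """Return the crontab line for *row*, or None if the row is rejected.

        The five schedule columns and the id are written into the crontab
        of the daemon's user, so they are checked first: the id must be an
        integer and every schedule column a single well-formed field.
        """
        fields = tuple(
            row[name]
            for name in (
                "plugin_minute",
                "plugin_hour",
                "plugin_day_month",
                "plugin_month",
                "plugin_day_week",
            )
        )
        try:
            row_id = int(row["id"])
        except (TypeError, ValueError):
            return None
        if not all(self.__cron_field_ok(field) for field in fields):
            return None

        donessus_command = (
            "python " + os.path.join(frameworkd_dir, "DoNessus.py") + " -i " + str(row_id)
        )
        return "%s\t%s\t%s\t%s\t%s\t%s\n" % (fields + (donessus_command,))

    def run(self):
        """Thread body: poll the database and rewrite the crontab on change."""
        self.__db.connect(
            self.__conf["ossim_host"], self.__conf["ossim_base"], self.__conf["ossim_user"], self.__conf["ossim_pass"]
        )
        self.__last_ntop_link = self.__ntop_apache_manager.getNtopLink()
        while True:
            try:
                new_ntop_link = self.__ntop_apache_manager.getNtopLink()
                if self.__last_ntop_link != new_ntop_link:
                    self.__ntop_apache_manager.refreshDefaultNtopConfiguration(must_reload=True)
                    # Remember the link that was just applied; without this
                    # a single change triggers a reload on every iteration.
                    self.__last_ntop_link = new_ntop_link

                # Check if we already have the latest DB id stored in memory
                # during this run
                if self.__check_last_db_id() or self.__check_db_scheduler_count():

                    # Fetch the crontab up to our header (if present); the
                    # part below it is rebuilt from the table.
                    crontab = self.__get_crontab()
                    last_id = self.__get_last_db_id()
                    id_num = self.__get_db_scheduler_count()

                    for line in crontab:
                        logger.debug(line.strip())

                    ossim_tag = (
                        "#### OSSIM scheduling information, everything below this line will be erased. Last schedule: (%d) ####"
                        % int(last_id)
                    )
                    logger.debug(ossim_tag)
                    crontab.append(ossim_tag + "\n")

                    rows = self.__db.exec_query("SELECT * FROM plugin_scheduler")

                    FRAMEWORKD_DIR = self.__conf["frameworkd_dir"] or "/usr/share/ossim-framework/ossimframework"

                    for row in rows:
                        entry = self.__format_entry(row, FRAMEWORKD_DIR)
                        if entry is None:
                            logger.error(
                                "Skipping plugin_scheduler row with an unexpected id or schedule field: %r"
                                % (row["id"],)
                            )
                            continue
                        crontab.append(entry)
                        logger.debug(entry)

                    logger.debug("Setting crontab")

                    if self.__set_crontab(crontab):
                        logger.debug("Crontab successfully updated")

                        self.__stored_id = self.__header_id = last_id
                        self.__stored_num = id_num

                    else:
                        logger.debug("Crontab not updated, something went wrong (check output)")

            except Exception as e:
                # Keep the thread alive; the next iteration retries.
                logger.error(e)

            logger.debug("Iteration...")
            time.sleep(float(Const.SLEEP))

        # never reached..
        self.__db.close()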
Esempio n. 10
    def handle(self):
        """Read command lines from the client and dispatch them until EOF.

        The first whitespace-separated token of each line selects the
        handler; a non-empty response is written back on ``self.wfile``.
        An empty read returns from the method. ``socket.error`` and the
        IndexError caused by a whitespace-only line are logged, after which
        the loop reads the next line.

        NOTE(review): no authentication or peer check is visible in this
        method before a command is dispatched -- confirm that access to
        the listening socket is restricted elsewhere.
        """
        global controlmanager

        self.__id = None

        logger.debug("Request from: %s:%i" % (self.client_address))

        asset_commands = ("add_asset", "remove_asset", "refresh_asset_list")

        while True:
            try:
                line = self.rfile.readline().rstrip('\n')
                if len(line) == 0:
                    return

                # split() yields [] for a whitespace-only line -> IndexError.
                command = line.split()[0]
                response = ""

                if command == "control":
                    # Module-level singleton, created on first use.
                    if controlmanager == None:
                        controlmanager = ControlManager(OssimConf(Const.CONFIG_FILE))
                    response = controlmanager.process(self, command, line)

                elif command == "nessus":
                    # NOTE(review): the class object itself is stored, not an
                    # instance, and process() is then looked up on the class
                    # -- confirm NessusManager.process works that way.
                    if self.__nessusmanager == None:
                        self.__nessusmanager = NessusManager
                    response = self.__nessusmanager.process(line)

                elif command == "nagios":
                    if self.__nagiosmanager == None:
                        self.__nagiosmanager = NagiosManager(OssimConf(Const.CONFIG_FILE))
                    response = self.__nagiosmanager.process(line)

                elif command == "ping":
                    response = "pong\n"

                elif command in asset_commands:
                    # The client's line is dropped; a fixed action is sent.
                    if controlmanager == None:
                        controlmanager = ControlManager(OssimConf(Const.CONFIG_FILE))
                    linebk = "action=\"refresh_asset_list\"\n"
                    response = controlmanager.process(self, command, linebk)

                elif command == "refresh_sensor_list":
                    logger.info("Check ntop proxy configuration ...")
                    proxy_manager = ApacheNtopProxyManager(OssimConf(Const.CONFIG_FILE))
                    proxy_manager.refreshConfiguration()

                else:
                    # Fallback: hand the raw client line to Action.
                    action = Action.Action(line)
                    action.start()

                    # Group Alarms
                    #ag = AlarmGroup.AlarmGroup()
                    #ag.start()

                # Reply only when a handler produced output.
                if len(response) > 0:
                    self.wfile.write(response)

                line = ""

            except socket.error as e:
                logger.warning("Client disconnected...")

            except IndexError:
                logger.error("IndexError")
Esempio n. 11
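class Scheduler(threading.Thread):
    """Background thread that mirrors plugin_scheduler rows into the crontab.

    Each iteration compares the highest id and the row count of the
    plugin_scheduler table with the values remembered from the last
    successful update. When either differs, everything below the OSSIM
    header line of the crontab is regenerated from the table.
    """

    def __init__(self):
        """Load the configuration and create the helpers used by run().

        The database settings (VAR_DB_* keys) are read from the
        configuration object and handed to OssimDB.
        """
        self.__conf = OssimConf()
        self.__db = OssimDB(self.__conf[VAR_DB_HOST],
                            self.__conf[VAR_DB_SCHEMA],
                            self.__conf[VAR_DB_USER],
                            self.__conf[VAR_DB_PASSWORD])
        self.__stored_id = 0
        self.__stored_num = 0
        self.__header_id = 0
        self.__ntop_apache_manager = ApacheNtopProxyManager(self.__conf)
        self.__last_ntop_link = ""
        threading.Thread.__init__(self)

    def __check_last_db_id(self):
        """Return True when the table's highest id differs from the stored one."""
        return self.__get_last_db_id() != self.__stored_id

    def __check_db_scheduler_count(self):
        """Return True when the table's row count differs from the stored one."""
        return self.__get_db_scheduler_count() != self.__stored_num

    def __get_last_db_id(self):
        """Return max(id) of plugin_scheduler, or 0 when there is none."""
        rows = self.__db.exec_query("select max(id) as id from plugin_scheduler")

        if rows != [] and rows[0]["id"] is not None:
            return rows[0]["id"]

        return 0

    def __get_db_scheduler_count(self):
        """Return count(id) of plugin_scheduler, or 0 when no row comes back."""
        rows = self.__db.exec_query("select count(id) as id from plugin_scheduler")

        for row in rows:
            return row["id"]

        return 0

    def __get_crontab(self):
        """Return the crontab lines that precede the OSSIM header line.

        ``crontab -l`` is run for the user the daemon runs as. When the
        header is found, the number it carries is stored in
        ``self.__header_id`` (as a string) and the lines read so far are
        returned; otherwise the whole listing is returned.
        """
        crontab = []
        pattern = r"#### OSSIM scheduling information, everything below this line will be erased. Last schedule:\s*\((\d+)\)\s* ####"

        output = os.popen("crontab -l")
        try:
            for line in output.readlines():
                result = re.findall(pattern, line)
                if result != []:
                    # Header found: keep what precedes it, drop the rest.
                    self.__header_id = result[0]
                    return crontab
                crontab.append(line)
        finally:
            output.close()

        # No header present.
        return crontab

    def __set_crontab(self, crontab):
        """Install *crontab* (a list of lines) through the crontab command.

        Returns:
            True when ``crontab <file>`` exits with status 0, False when
            the list is empty or the command fails.
        """
        # Local import: the module's import block is outside this class.
        import subprocess

        if len(crontab) < 1:
            logger.debug(
                "Since at least the warning line has to be present, something went wrong if crontab has less than 1 entry. Not overwriting crontab"
            )
            return False

        # mkstemp() creates and opens the file in one step with owner-only
        # permissions. mktemp() only returns a name, which leaves a window
        # in which another local user can create that path first.
        fd, tmp_name = tempfile.mkstemp(".ossim.scheduler")
        try:
            outfile = os.fdopen(fd, "w")
            try:
                for line in crontab:
                    outfile.write(line)
            finally:
                outfile.close()

            # Argument list, no shell involved in running the command.
            status = subprocess.call(["crontab", tmp_name])
        finally:
            # Remove the temporary file even when writing or the call fails.
            os.unlink(tmp_name)

        # Any non-zero status is a failure. A "status < 0" test lets a
        # positive exit code of a rejected crontab count as success.
        return status == 0

    @staticmethod
    def __cron_field_ok(value):
        """Return True if *value* is usable as one crontab time field.

        Only digits, letters and ``* / , -`` are accepted, so a value can
        never contain whitespace or a line break.
        """
        return re.match(r"[0-9A-Za-z*/,-]+\Z", "%s" % (value,)) is not None

    def __format_entry(self, row, frameworkd_dir):
        """Return the crontab line for *row*, or None if the row is rejected.

        The five schedule columns and the id are written into the crontab
        of the daemon's user, so they are checked first: the id must be an
        integer and every schedule column a single well-formed field.
        """
        fields = tuple(
            row[name]
            for name in (
                "plugin_minute",
                "plugin_hour",
                "plugin_day_month",
                "plugin_month",
                "plugin_day_week",
            )
        )
        try:
            row_id = int(row["id"])
        except (TypeError, ValueError):
            return None
        if not all(self.__cron_field_ok(field) for field in fields):
            return None

        donessus_command = "python " +\
            os.path.join(frameworkd_dir, "DoNessus.py") +\
            " -i " + str(row_id)
        return "%s\t%s\t%s\t%s\t%s\t%s\n" % (fields + (donessus_command,))

    def run(self):
        """Thread body: poll the database and rewrite the crontab on change."""
        self.__db.connect()
        self.__last_ntop_link = self.__ntop_apache_manager.getNtopLink()
        while True:
            try:
                new_ntop_link = self.__ntop_apache_manager.getNtopLink()
                if self.__last_ntop_link != new_ntop_link:
                    self.__ntop_apache_manager.refreshDefaultNtopConfiguration(
                        must_reload=True)
                    # Remember the link that was just applied; without this
                    # a single change triggers a reload on every iteration.
                    self.__last_ntop_link = new_ntop_link

                # Check if we already have the latest DB id stored in memory
                # during this run
                if self.__check_last_db_id() or self.__check_db_scheduler_count():

                    # Fetch the crontab up to our header (if present); the
                    # part below it is rebuilt from the table.
                    crontab = self.__get_crontab()
                    last_id = self.__get_last_db_id()
                    id_num = self.__get_db_scheduler_count()

                    for line in crontab:
                        logger.debug(line.strip())

                    ossim_tag = "#### OSSIM scheduling information, everything below this line will be erased. Last schedule: (%d) ####" % int(
                        last_id)
                    logger.debug(ossim_tag)
                    crontab.append(ossim_tag + "\n")

                    rows = self.__db.exec_query("SELECT * FROM plugin_scheduler")

                    FRAMEWORKD_DIR = self.__conf["frameworkd_dir"] or \
                        "/usr/share/ossim-framework/ossimframework"

                    for row in rows:
                        entry = self.__format_entry(row, FRAMEWORKD_DIR)
                        if entry is None:
                            logger.error(
                                "Skipping plugin_scheduler row with an unexpected id or schedule field: %r"
                                % (row["id"],)
                            )
                            continue
                        crontab.append(entry)
                        logger.debug(entry)

                    logger.debug("Setting crontab")

                    if self.__set_crontab(crontab):
                        logger.debug("Crontab successfully updated")

                        self.__stored_id = self.__header_id = last_id
                        self.__stored_num = id_num

                    else:
                        logger.debug(
                            "Crontab not updated, something went wrong (check output)"
                        )

            except Exception as e:
                # Keep the thread alive; the next iteration retries.
                logger.error(e)

            logger.debug("Iteration...")
            time.sleep(float(self.__conf[VAR_SCHEDULED_PERIOD]))

        # never reached..
        self.__db.close()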