def test_matching(self):
"""
Tests that attack sessions coming in quick succession are classified correctly.
This test relates to issue #218
"""
honeypot_id = 1
honeypot = Honeypot(id=honeypot_id)
db_session = database_setup.get_session()
db_session.add(honeypot)
db_session.commit()
raw_session_publisher = beeswarm.shared.zmq_context.socket(zmq.PUB)
raw_session_publisher.bind(SocketNames.RAW_SESSIONS)
# startup session database
persistence_actor = SessionPersister(999, delay_seconds=2)
persistence_actor.start()
gevent.sleep(1)
for x in xrange(0, 100):
honeypot_session = HoneypotSession(source_ip='192.168.100.22', source_port=52311, protocol='pop3', users={},
destination_port=110)
honeypot_session.try_auth('plaintext', username='******', password='******')
honeypot_session.honeypot_id = honeypot_id
raw_session_publisher.send('{0} {1} {2}'.format(Messages.SESSION_HONEYPOT, honeypot_id,
json.dumps(honeypot_session.to_dict(), default=json_default,
ensure_ascii=False)))
gevent.sleep(5)
sessions = db_session.query(Session).all()
for session in sessions:
self.assertEqual(session.classification_id, 'bruteforce')
self.assertEqual(len(sessions), 100)
