def test_dbfeeds(self):
"""Tests event storage on a database"""
self.test_filename = mkstemp(".sqlite", "dbfeedstest")[1]
# Register an event using the DBFeed
configuration = Configuration({
"feed":
"DBFeed",
"db_engine":
"sqlite:///%s" % self.test_filename
})
feed = DBFeed(configuration)
event = Event("Test event")
event.session = Session(Queue(), "test", "127.0.0.1", 3200,
"127.0.0.1", 3201)
feed.log(event)
feed.stop()
# Now check the event in the database
conn = sqlite3.connect(self.test_filename)
cursor = conn.cursor()
cursor.execute('SELECT * FROM events')
results = cursor.fetchall()
self.assertEqual(len(results), 1)
self.assertEqual(results[0][1], str(event.session.uuid))
self.assertEqual(results[0][2], str(event.timestamp))
self.assertEqual(results[0][3], repr(event))
def test_session(self):
"""Test the attack session object"""
queue = Queue()
session = Session(queue, "test", "127.0.0.1", 3200, "127.0.0.1", 3201)
event_str = "Some event"
# Test adding an event object
event = Event(event_str)
session.add_event(event)
new_event = queue.get()
self.assertIs(new_event, event)
self.assertIs(new_event.session, session)
# Test adding an event string
session.add_event(event_str)
new_event = queue.get()
self.assertIs(new_event.session, session)
self.assertIsInstance(new_event, Event)
self.assertEqual(new_event.event, event_str)
def test_event(self):
"""Test the attack event object"""
event = Event(self.test_string, data=self.test_string)
with self.assertRaises(Exception):
str(event)
with self.assertRaises(Exception):
repr(event)
session = Session(Queue(), "test", "127.0.0.1", 3200, "127.0.0.1", 3201)
session.add_event(event)
event_json = json.loads(repr(event))
self.assertEqual(event_json["event"], event.event)
self.assertEqual(event_json["data"], event.data)
self.assertEqual(event_json["timestamp"], str(event.timestamp))
self.assertEqual(event_json["session"], str(session.uuid))
self.assertEqual(event_json["service"], session.service)
self.assertEqual(event_json["source_ip"], session.source_ip)
self.assertEqual(event_json["source_port"], session.source_port)
self.assertEqual(event_json["target_ip"], session.target_ip)
self.assertEqual(event_json["target_port"], session.target_port)
def test_event(self):
"""Test the attack event object"""
event = Event(self.test_string, data=self.test_string)
with self.assertRaises(Exception):
str(event)
with self.assertRaises(Exception):
repr(event)
session = Session(Queue(), "test", "127.0.0.1", 3200, "127.0.0.1", 3201)
session.add_event(event)
event_json = json.loads(repr(event))
self.assertEqual(event_json["event"], event.event)
self.assertEqual(event_json["data"], event.data)
self.assertEqual(event_json["timestamp"], str(event.timestamp))
self.assertEqual(event_json["session"], str(session.uuid))
self.assertEqual(event_json["service"], session.service)
self.assertEqual(event_json["source_ip"], session.source_ip)
self.assertEqual(event_json["source_port"], session.source_port)
self.assertEqual(event_json["target_ip"], session.target_ip)
self.assertEqual(event_json["target_port"], session.target_port)
def test_hpfeeds(self):
"""Tests the HPFeed by connecting to honeynet's HPFriends service.
"""
# Register an event using the HPFeed
configuration = Configuration({"feed": "HPFeed",
"feed_host": self.test_host,
"feed_port": self.test_port,
"feed_ident": self.test_ident,
"feed_secret": self.test_secret,
"channels": [self.test_channel]})
feed = HPFeed(configuration)
event = Event("Test event")
event.session = Session(Queue(), "test", "127.0.0.1", 3200,
"127.0.0.1", 3201)
feed.log(event)
feed.stop()
def test_logfeeds(self):
self.test_filename = mkstemp(".log", "logfeedstest")[1]
# Register an event using the LogFeed
configuration = Configuration({
"feed": "LogFeed",
"log_filename": self.test_filename
})
feed = LogFeed(configuration)
event = Event("Test event")
event.session = Session(Queue(), "test", "127.0.0.1", 3200,
"127.0.0.1", 3201)
feed.log(event)
feed.stop()
self.assertIs(path.exists(self.test_filename), True)
def test_session(self):
"""Test the attack session object"""
queue = Queue()
session = Session(queue, "test", "127.0.0.1", 3200, "127.0.0.1", 3201)
event_str = "Some event"
# Test adding an event object
event = Event(event_str)
session.add_event(event)
new_event = queue.get()
self.assertIs(new_event, event)
self.assertIs(new_event.session, session)
# Test adding an event string
session.add_event(event_str)
new_event = queue.get()
self.assertIs(new_event.session, session)
self.assertIsInstance(new_event, Event)
self.assertEqual(new_event.event, event_str)
