
György Kohut committed e4ee342

add shadowserver asn module


Files changed (5)

 hpfeedsra - resource adapter providing interfacing with hpfeeds for modules
 hpfeeds - hpfeeds submission handler intended for the channels dionaea.capture and mwbinary.dionaea.sensorunique
 virustotal - retrieves VirusTotal reports for binaries
+shadowserver_asn - performs ASN lookup at Shadowserver for IPs
 hbstats - recurring process that maintains aggregate tables over the data set (runs every 2 s)
 
 == Initial Setup ==
 # connection factory
 create-jms-resource --restype javax.jms.ConnectionFactory jms/ConnectionFactory
 create-jms-resource --restype javax.jms.ConnectionFactory --property ClientId=virustotal jms/DurableConsumer/virustotal
+create-jms-resource --restype javax.jms.ConnectionFactory --property ClientId=shadowserver_asn jms/DurableConsumer/shadowserver_asn
 ping-connection-pool jms/ConnectionFactory
 
 # logback config location
 deploy target/modules/org.honeynet.hbbackend.hpfeedsra.rar
 deploy target/modules/org.honeynet.hbbackend.hpfeeds.jar
 deploy target/modules/org.honeynet.hbbackend.virustotal.jar
+deploy target/modules/org.honeynet.hbbackend.shadowserver_asn.jar
 
 NOTE: currently, the code is scaled back, so there's only hpfeeds submission handling and no consumers mentioned above.
 
 
 E.g.:
 
+undeploy org.honeynet.hbbackend.shadowserver_asn
 undeploy org.honeynet.hbbackend.virustotal
 undeploy org.honeynet.hbbackend.hpfeedsra
 undeploy org.honeynet.hbbackend.hpfeeds
 	    depends="build-hpfeedsra,
 		     build-hpfeeds,
 		     build-virustotal,
+		     build-shadowserver_asn,
 		     build-stats
 		     "
 	    description="--> build all modules"
       </package-ejb>
     </target>
 
+    <target name="build-shadowserver_asn" depends="compile" description="module">
+      <package-ejb name="shadowserver_asn">
+	<embed>
+	  <!-- <embed-package package="common"/> -->
+	</embed>
+      </package-ejb>
+    </target>
+
     <target name="build-stats" depends="compile" description="module">
       <package-ejb name="stats">
 	<embed>

schema/hbbackend.erm

 	<category_index>0</category_index>
 	<zoom>1.0</zoom>
 	<x>277</x>
-	<y>0</y>
+	<y>38</y>
 	<default_color>
 		<r>128</r>
 		<g>128</g>
 			</connections>
 			<display>false</display>
 			<creation_date>2011-06-10 22:42:09</creation_date>
-			<updated_date>2012-08-08 00:10:57</updated_date>
+			<updated_date>2012-08-08 11:14:55</updated_date>
 			<model_property>
 				<name>Project Name</name>
 				<value></value>
 			<unsigned>false</unsigned>
 			<args></args>
 			<description></description>
+			<logical_name>asn</logical_name>
+			<physical_name>asn</physical_name>
+			<type>bigint</type>
+		</word>
+		<word>
+			<id>1</id>
+			<length>null</length>
+			<decimal>null</decimal>
+			<array>false</array>
+			<array_dimension>null</array_dimension>
+			<unsigned>false</unsigned>
+			<args></args>
+			<description></description>
+			<logical_name>as_name</logical_name>
+			<physical_name>as_name</physical_name>
+			<type>varchar</type>
+		</word>
+		<word>
+			<id>2</id>
+			<length>null</length>
+			<decimal>null</decimal>
+			<array>false</array>
+			<array_dimension>null</array_dimension>
+			<unsigned>false</unsigned>
+			<args></args>
+			<description></description>
+			<logical_name>bgp_prefix</logical_name>
+			<physical_name>bgp_prefix</physical_name>
+			<type>inet</type>
+		</word>
+		<word>
+			<id>3</id>
+			<length>2</length>
+			<decimal>null</decimal>
+			<array>false</array>
+			<array_dimension>null</array_dimension>
+			<unsigned>false</unsigned>
+			<args></args>
+			<description></description>
+			<logical_name>cc</logical_name>
+			<physical_name>cc</physical_name>
+			<type>character(n)</type>
+		</word>
+		<word>
+			<id>4</id>
+			<length>null</length>
+			<decimal>null</decimal>
+			<array>false</array>
+			<array_dimension>null</array_dimension>
+			<unsigned>false</unsigned>
+			<args></args>
+			<description></description>
+			<logical_name>dom</logical_name>
+			<physical_name>dom</physical_name>
+			<type>varchar</type>
+		</word>
+		<word>
+			<id>5</id>
+			<length>null</length>
+			<decimal>null</decimal>
+			<array>false</array>
+			<array_dimension>null</array_dimension>
+			<unsigned>false</unsigned>
+			<args></args>
+			<description></description>
 			<logical_name>engine</logical_name>
 			<physical_name>engine</physical_name>
 			<type>varchar</type>
 		</word>
 		<word>
-			<id>1</id>
+			<id>6</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>varchar</type>
 		</word>
 		<word>
-			<id>2</id>
+			<id>7</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>varchar</type>
 		</word>
 		<word>
-			<id>3</id>
+			<id>8</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>integer</type>
 		</word>
 		<word>
-			<id>4</id>
+			<id>9</id>
 			<length>128</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>varchar(n)</type>
 		</word>
 		<word>
-			<id>5</id>
+			<id>10</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>bigserial</type>
 		</word>
 		<word>
-			<id>6</id>
+			<id>11</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>bigserial</type>
 		</word>
 		<word>
-			<id>7</id>
+			<id>12</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>bigserial</type>
 		</word>
 		<word>
-			<id>8</id>
+			<id>13</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>bigserial</type>
 		</word>
 		<word>
-			<id>9</id>
+			<id>14</id>
+			<length>null</length>
+			<decimal>null</decimal>
+			<array>false</array>
+			<array_dimension>null</array_dimension>
+			<unsigned>false</unsigned>
+			<args></args>
+			<description></description>
+			<logical_name>id</logical_name>
+			<physical_name>id</physical_name>
+			<type>bigserial</type>
+		</word>
+		<word>
+			<id>15</id>
 			<length>16</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>varchar(n)</type>
 		</word>
 		<word>
-			<id>10</id>
+			<id>16</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>inet</type>
 		</word>
 		<word>
-			<id>11</id>
+			<id>17</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>inet</type>
 		</word>
 		<word>
-			<id>12</id>
+			<id>18</id>
+			<length>null</length>
+			<decimal>null</decimal>
+			<array>false</array>
+			<array_dimension>null</array_dimension>
+			<unsigned>false</unsigned>
+			<args></args>
+			<description></description>
+			<logical_name>ip</logical_name>
+			<physical_name>ip</physical_name>
+			<type>inet</type>
+		</word>
+		<word>
+			<id>19</id>
+			<length>null</length>
+			<decimal>null</decimal>
+			<array>false</array>
+			<array_dimension>null</array_dimension>
+			<unsigned>false</unsigned>
+			<args></args>
+			<description></description>
+			<logical_name>isp</logical_name>
+			<physical_name>isp</physical_name>
+			<type>varchar</type>
+		</word>
+		<word>
+			<id>20</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>varchar</type>
 		</word>
 		<word>
-			<id>13</id>
+			<id>21</id>
 			<length>32</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>character(n)</type>
 		</word>
 		<word>
-			<id>14</id>
+			<id>22</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>varchar</type>
 		</word>
 		<word>
-			<id>15</id>
+			<id>23</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>integer</type>
 		</word>
 		<word>
-			<id>16</id>
+			<id>24</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>17</id>
+			<id>25</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>varchar</type>
 		</word>
 		<word>
-			<id>18</id>
+			<id>26</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>bigint</type>
 		</word>
 		<word>
-			<id>19</id>
+			<id>27</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>bigint</type>
 		</word>
 		<word>
-			<id>20</id>
+			<id>28</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>bigint</type>
 		</word>
 		<word>
-			<id>21</id>
+			<id>29</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>bigint</type>
 		</word>
 		<word>
-			<id>22</id>
+			<id>30</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>23</id>
+			<id>31</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>24</id>
+			<id>32</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>25</id>
+			<id>33</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>26</id>
+			<id>34</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>27</id>
+			<id>35</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>28</id>
+			<id>36</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>29</id>
+			<id>37</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>30</id>
+			<id>38</id>
 			<length>128</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>character(n)</type>
 		</word>
 		<word>
-			<id>31</id>
+			<id>39</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>inet</type>
 		</word>
 		<word>
-			<id>32</id>
+			<id>40</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>integer</type>
 		</word>
 		<word>
-			<id>33</id>
+			<id>41</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>boolean</type>
 		</word>
 		<word>
-			<id>34</id>
+			<id>42</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>inet</type>
 		</word>
 		<word>
-			<id>35</id>
+			<id>43</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>integer</type>
 		</word>
 		<word>
-			<id>36</id>
+			<id>44</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>37</id>
+			<id>45</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>38</id>
+			<id>46</id>
+			<length>null</length>
+			<decimal>null</decimal>
+			<array>false</array>
+			<array_dimension>null</array_dimension>
+			<unsigned>false</unsigned>
+			<args></args>
+			<description></description>
+			<logical_name>ts</logical_name>
+			<physical_name>ts</physical_name>
+			<type>timestamp with time zone</type>
+		</word>
+		<word>
+			<id>47</id>
 			<length>128</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<option></option>
 			<columns>
 				<normal_column>
-					<word_id>5</word_id>
+					<word_id>10</word_id>
 					<id>0</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>9</word_id>
+					<word_id>15</word_id>
 					<id>1</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>18</word_id>
+					<word_id>26</word_id>
 					<id>2</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>23</word_id>
+					<word_id>31</word_id>
 					<id>3</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>27</word_id>
+					<word_id>35</word_id>
 					<id>4</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 			<option></option>
 			<columns>
 				<normal_column>
-					<word_id>10</word_id>
+					<word_id>16</word_id>
 					<id>5</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>19</word_id>
+					<word_id>27</word_id>
 					<id>6</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>24</word_id>
+					<word_id>32</word_id>
 					<id>7</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>26</word_id>
+					<word_id>34</word_id>
 					<id>8</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 			<option></option>
 			<columns>
 				<normal_column>
-					<word_id>11</word_id>
+					<word_id>17</word_id>
 					<id>9</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>21</word_id>
+					<word_id>29</word_id>
 					<id>10</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>25</word_id>
+					<word_id>33</word_id>
 					<id>11</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>28</word_id>
+					<word_id>36</word_id>
 					<id>12</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 			<option></option>
 			<columns>
 				<normal_column>
-					<word_id>8</word_id>
+					<word_id>13</word_id>
 					<id>13</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>13</word_id>
+					<word_id>21</word_id>
 					<id>14</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>30</word_id>
+					<word_id>38</word_id>
 					<id>15</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>4</word_id>
+					<word_id>9</word_id>
 					<id>16</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>3</word_id>
+					<word_id>8</word_id>
 					<id>17</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>20</word_id>
+					<word_id>28</word_id>
 					<id>18</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>22</word_id>
+					<word_id>30</word_id>
 					<id>19</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>29</word_id>
+					<word_id>37</word_id>
 					<id>20</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>33</word_id>
+					<word_id>41</word_id>
 					<id>21</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 			<option></option>
 			<columns>
 				<normal_column>
-					<word_id>6</word_id>
+					<word_id>11</word_id>
 					<id>22</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>36</word_id>
+					<word_id>44</word_id>
 					<id>23</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>31</word_id>
+					<word_id>39</word_id>
 					<id>26</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>32</word_id>
+					<word_id>40</word_id>
 					<id>27</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>34</word_id>
+					<word_id>42</word_id>
 					<id>28</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>35</word_id>
+					<word_id>43</word_id>
 					<id>29</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>38</word_id>
+					<word_id>47</word_id>
 					<id>30</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>12</word_id>
+					<word_id>20</word_id>
 					<id>32</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>0</word_id>
+					<word_id>5</word_id>
 					<id>33</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>2</word_id>
+					<word_id>7</word_id>
 					<id>34</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>1</word_id>
+					<word_id>6</word_id>
 					<id>35</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 			<option></option>
 			<columns>
 				<normal_column>
-					<word_id>7</word_id>
+					<word_id>12</word_id>
 					<id>36</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>37</word_id>
+					<word_id>46</word_id>
 					<id>38</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>15</word_id>
+					<word_id>23</word_id>
 					<id>39</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>17</word_id>
+					<word_id>25</word_id>
 					<id>40</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>16</word_id>
+					<word_id>24</word_id>
 					<id>41</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>14</word_id>
+					<word_id>22</word_id>
 					<id>42</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 				<schema></schema>
 			</table_properties>
 		</table>
+		<table>
+			<id>7</id>
+			<height>212</height>
+			<width>185</width>
+				<font_name>Lucida Grande</font_name>
+				<font_size>9</font_size>
+			<x>769</x>
+			<y>266</y>
+			<color>
+				<r>128</r>
+				<g>128</g>
+				<b>192</b>
+			</color>
+			<connections>
+			</connections>
+			<physical_name>asn_shadowserver</physical_name>
+			<logical_name>asn_shadowserver</logical_name>
+			<description></description>
+			<constraint></constraint>
+			<primary_key_name></primary_key_name>
+			<option></option>
+			<columns>
+				<normal_column>
+					<word_id>14</word_id>
+					<id>43</id>
+					<description></description>
+					<unique_key_name></unique_key_name>
+					<logical_name></logical_name>
+					<physical_name></physical_name>
+					<type>bigserial</type>
+					<constraint></constraint>
+					<default_value></default_value>
+					<auto_increment>false</auto_increment>
+					<foreign_key>false</foreign_key>
+					<not_null>true</not_null>
+					<primary_key>true</primary_key>
+					<unique_key>true</unique_key>
+					<character_set></character_set>
+					<collation></collation>
+					<sequence>
+						<name></name>
+						<schema></schema>
+						<increment></increment>
+						<min_value></min_value>
+						<max_value></max_value>
+						<start></start>
+						<cache></cache>
+						<cycle>false</cycle>
+						<order>false</order>
+						<description></description>
+						<data_type></data_type>
+						<decimal_size>0</decimal_size>
+					</sequence>
+				</normal_column>
+				<normal_column>
+					<word_id>18</word_id>
+					<id>44</id>
+					<description></description>
+					<unique_key_name></unique_key_name>
+					<logical_name></logical_name>
+					<physical_name></physical_name>
+					<type>inet</type>
+					<constraint></constraint>
+					<default_value></default_value>
+					<auto_increment>false</auto_increment>
+					<foreign_key>false</foreign_key>
+					<not_null>true</not_null>
+					<primary_key>false</primary_key>
+					<unique_key>false</unique_key>
+					<character_set></character_set>
+					<collation></collation>
+					<sequence>
+						<name></name>
+						<schema></schema>
+						<increment></increment>
+						<min_value></min_value>
+						<max_value></max_value>
+						<start></start>
+						<cache></cache>
+						<cycle>false</cycle>
+						<order>false</order>
+						<description></description>
+						<data_type></data_type>
+						<decimal_size>0</decimal_size>
+					</sequence>
+				</normal_column>
+				<normal_column>
+					<word_id>0</word_id>
+					<id>45</id>
+					<description></description>
+					<unique_key_name></unique_key_name>
+					<logical_name></logical_name>
+					<physical_name></physical_name>
+					<type>bigint</type>
+					<constraint></constraint>
+					<default_value></default_value>
+					<auto_increment>false</auto_increment>
+					<foreign_key>false</foreign_key>
+					<not_null>false</not_null>
+					<primary_key>false</primary_key>
+					<unique_key>false</unique_key>
+					<character_set></character_set>
+					<collation></collation>
+					<sequence>
+						<name></name>
+						<schema></schema>
+						<increment></increment>
+						<min_value></min_value>
+						<max_value></max_value>
+						<start></start>
+						<cache></cache>
+						<cycle>false</cycle>
+						<order>false</order>
+						<description></description>
+						<data_type></data_type>
+						<decimal_size>0</decimal_size>
+					</sequence>
+				</normal_column>
+				<normal_column>
+					<word_id>1</word_id>
+					<id>46</id>
+					<description></description>
+					<unique_key_name></unique_key_name>
+					<logical_name></logical_name>
+					<physical_name></physical_name>
+					<type>varchar</type>
+					<constraint></constraint>
+					<default_value></default_value>
+					<auto_increment>false</auto_increment>
+					<foreign_key>false</foreign_key>
+					<not_null>false</not_null>
+					<primary_key>false</primary_key>
+					<unique_key>false</unique_key>
+					<character_set></character_set>
+					<collation></collation>
+					<sequence>
+						<name></name>
+						<schema></schema>
+						<increment></increment>
+						<min_value></min_value>
+						<max_value></max_value>
+						<start></start>
+						<cache></cache>
+						<cycle>false</cycle>
+						<order>false</order>
+						<description></description>
+						<data_type></data_type>
+						<decimal_size>0</decimal_size>
+					</sequence>
+				</normal_column>
+				<normal_column>
+					<word_id>3</word_id>
+					<id>47</id>
+					<description></description>
+					<unique_key_name></unique_key_name>
+					<logical_name></logical_name>
+					<physical_name></physical_name>
+					<type>character(n)</type>
+					<constraint></constraint>
+					<default_value></default_value>
+					<auto_increment>false</auto_increment>
+					<foreign_key>false</foreign_key>
+					<not_null>false</not_null>
+					<primary_key>false</primary_key>
+					<unique_key>false</unique_key>
+					<character_set></character_set>
+					<collation></collation>
+					<sequence>
+						<name></name>
+						<schema></schema>
+						<increment></increment>
+						<min_value></min_value>
+						<max_value></max_value>
+						<start></start>
+						<cache></cache>
+						<cycle>false</cycle>
+						<order>false</order>
+						<description></description>
+						<data_type></data_type>
+						<decimal_size>0</decimal_size>
+					</sequence>
+				</normal_column>
+				<normal_column>
+					<word_id>4</word_id>
+					<id>48</id>
+					<description></description>
+					<unique_key_name></unique_key_name>
+					<logical_name></logical_name>
+					<physical_name></physical_name>
+					<type>varchar</type>
+					<constraint></constraint>
+					<default_value></default_value>
+					<auto_increment>false</auto_increment>
+					<foreign_key>false</foreign_key>
+					<not_null>false</not_null>
+					<primary_key>false</primary_key>
+					<unique_key>false</unique_key>
+					<character_set></character_set>
+					<collation></collation>
+					<sequence>
+						<name></name>
+						<schema></schema>
+						<increment></increment>
+						<min_value></min_value>
+						<max_value></max_value>
+						<start></start>
+						<cache></cache>
+						<cycle>false</cycle>
+						<order>false</order>
+						<description></description>
+						<data_type></data_type>
+						<decimal_size>0</decimal_size>
+					</sequence>
+				</normal_column>
+				<normal_column>
+					<word_id>19</word_id>
+					<id>49</id>
+					<description></description>
+					<unique_key_name></unique_key_name>
+					<logical_name></logical_name>
+					<physical_name></physical_name>
+					<type>varchar</type>
+					<constraint></constraint>
+					<default_value></default_value>
+					<auto_increment>false</auto_increment>
+					<foreign_key>false</foreign_key>
+					<not_null>false</not_null>
+					<primary_key>false</primary_key>
+					<unique_key>false</unique_key>
+					<character_set></character_set>
+					<collation></collation>
+					<sequence>
+						<name></name>
+						<schema></schema>
+						<increment></increment>
+						<min_value></min_value>
+						<max_value></max_value>
+						<start></start>
+						<cache></cache>
+						<cycle>false</cycle>
+						<order>false</order>
+						<description></description>
+						<data_type></data_type>
+						<decimal_size>0</decimal_size>
+					</sequence>
+				</normal_column>
+				<normal_column>
+					<word_id>2</word_id>
+					<id>50</id>
+					<description></description>
+					<unique_key_name></unique_key_name>
+					<logical_name></logical_name>
+					<physical_name></physical_name>
+					<type>inet</type>
+					<constraint></constraint>
+					<default_value></default_value>
+					<auto_increment>false</auto_increment>
+					<foreign_key>false</foreign_key>
+					<not_null>false</not_null>
+					<primary_key>false</primary_key>
+					<unique_key>false</unique_key>
+					<character_set></character_set>
+					<collation></collation>
+					<sequence>
+						<name></name>
+						<schema></schema>
+						<increment></increment>
+						<min_value></min_value>
+						<max_value></max_value>
+						<start></start>
+						<cache></cache>
+						<cycle>false</cycle>
+						<order>false</order>
+						<description></description>
+						<data_type></data_type>
+						<decimal_size>0</decimal_size>
+					</sequence>
+				</normal_column>
+				<normal_column>
+					<word_id>45</word_id>
+					<id>51</id>
+					<description></description>
+					<unique_key_name></unique_key_name>
+					<logical_name></logical_name>
+					<physical_name></physical_name>
+					<type>timestamp with time zone</type>
+					<constraint></constraint>
+					<default_value>transaction_timestamp()</default_value>
+					<auto_increment>false</auto_increment>
+					<foreign_key>false</foreign_key>
+					<not_null>false</not_null>
+					<primary_key>false</primary_key>
+					<unique_key>false</unique_key>
+					<character_set></character_set>
+					<collation></collation>
+					<sequence>
+						<name></name>
+						<schema></schema>
+						<increment></increment>
+						<min_value></min_value>
+						<max_value></max_value>
+						<start></start>
+						<cache></cache>
+						<cycle>false</cycle>
+						<order>false</order>
+						<description></description>
+						<data_type></data_type>
+						<decimal_size>0</decimal_size>
+					</sequence>
+				</normal_column>
+			</columns>
+			<indexes>
+			</indexes>
+			<complex_unique_key_list>
+			</complex_unique_key_list>
+			<table_properties>
+				<without_oids>true</without_oids>
+				<schema></schema>
+			</table_properties>
+		</table>
 	</contents>
 	<column_groups>
 	</column_groups>

schema/hbbackend.sql

 
 /* Drop Tables */
 
+DROP TABLE IF EXISTS ASN_SHADOWSERVER;
 DROP TABLE IF EXISTS ATTACKS;
 DROP TABLE IF EXISTS VIRUSTOTAL_RESULTS;
 DROP TABLE IF EXISTS VIRUSTOTAL_REPORTS;
 
 /* Create Tables */
 
+CREATE TABLE ASN_SHADOWSERVER
+(
+	ID BIGSERIAL NOT NULL UNIQUE,
+	IP INET NOT NULL,
+	ASN BIGINT,
+	AS_NAME VARCHAR,
+	CC CHAR(2),
+	DOM VARCHAR,
+	ISP VARCHAR,
+	BGP_PREFIX INET,
+	TS TIMESTAMP WITH TIME ZONE DEFAULT transaction_timestamp(),
+	PRIMARY KEY (ID)
+) WITHOUT OIDS;
+
+
 CREATE TABLE ATTACKS
 (
 	ID BIGSERIAL NOT NULL UNIQUE,
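Review bot: `ASN_SHADOWSERVER.IP` is declared `INET NOT NULL` with no index and no uniqueness, so any query that matches attack rows to their ASN record by address will scan the whole table, and nothing in the schema stops a redelivered `new_ip` message from storing the same address twice. If one row per address is intended (the insert code is not visible here, so this is an assumption), declare the column as `IP INET NOT NULL UNIQUE,`; otherwise add a plain index on `IP`. This file appears to be generated from `schema/hbbackend.erm`, where the new table's `<indexes>` element is empty, so the change belongs in the model with the SQL regenerated from it. `TS` has a default but, unlike `ID` and `IP`, no `NOT NULL`; `TS TIMESTAMP WITH TIME ZONE NOT NULL DEFAULT transaction_timestamp(),` would keep the lookup time mandatory for rows whose other fields come from an external service.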

src/main/java/org/honeynet/hbbackend/shadowserver_asn/ShadowserverAsn.java

+package org.honeynet.hbbackend.shadowserver_asn;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.io.PrintWriter;
+import java.net.Socket;
+import java.net.SocketTimeoutException;
+import java.net.UnknownHostException;
+import java.sql.Connection;
+import java.sql.PreparedStatement;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.util.regex.Pattern;
+
+import javax.annotation.Resource;
+import javax.ejb.EJBException;
+import javax.ejb.Schedule;
+import javax.ejb.Singleton;
+import javax.ejb.Startup;
+import javax.ejb.TransactionAttribute;
+import javax.ejb.TransactionAttributeType;
+import javax.jms.ConnectionFactory;
+import javax.jms.JMSException;
+import javax.jms.Message;
+import javax.jms.Session;
+import javax.jms.Topic;
+import javax.jms.TopicSubscriber;
+import javax.sql.DataSource;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+@Singleton
+@Startup
+public class ShadowserverAsn {
+	private final static String SERVER = "asn.shadowserver.org";
+	private final static int SERVER_PORT = 43;
+	private final static int SO_TIMEOUT = 3000;
+    private final static Pattern SPLIT_REGEX = Pattern.compile("\\s+\\|\\s+");
+    
+    public static final String SUB_NAME = "shadowserver_asn";
+	
+	private static Logger log = LoggerFactory.getLogger(ShadowserverAsn.class);
+	
+	
+	@Resource(mappedName="jdbc/hbbackend")
+	private DataSource ds;
+	
+	@Resource(mappedName="jms/DurableConsumer/shadowserver_asn")
+	private ConnectionFactory jmsConnectionFactory;
+	
+	@Resource(mappedName="jms/new_ip")
+	private Topic jms_new_ip;
+	
+	
+	private String emsg;
+	
+	
+	@Schedule(second="*/1", minute="*", hour="*", persistent=false)
+	@TransactionAttribute(TransactionAttributeType.REQUIRES_NEW)
+	public void work() {
+		log.trace("work()");
+		
+		javax.jms.Connection mq = null;
+		Session sess = null;
+		TopicSubscriber sub = null;
+
+		try {
+			mq = jmsConnectionFactory.createConnection();
+			sess = mq.createSession(true, 0);
+			sub = sess.createDurableSubscriber(jms_new_ip, SUB_NAME);
+			mq.start();
+			
+			Message msg = sub.receiveNoWait();
+			if (msg == null) return;
+			
+			String ip = msg.getStringProperty("ip");
+			log.debug("received new msg | ip = {}", ip);
+			
+			store(ip, retrieve(ip));
+		}
+		catch (JMSException e) {
+			log.error("got JMSException", e);
+			throw new EJBException(e);
+		}
+		finally {
+			try {
+				if (sub != null) sub.close(); 
+				if (sess != null) sess.close();
+				if (mq != null)	mq.close();
+			} catch (JMSException e) {
+				log.error("got JMSException while closing resource", e);
+			}
+		}
+	}
+	
+	
+	private Result retrieve(String ip) {
+		log.trace("retrieve()");
+		
+		try {
+			log.debug("querying {}:{} | ip={}", new Object[]{ SERVER, SERVER_PORT, ip });
+			Socket socket = new Socket(SERVER, SERVER_PORT);
+			socket.setSoTimeout(SO_TIMEOUT);
+			
+			BufferedReader in
+				= new BufferedReader(new InputStreamReader(socket.getInputStream(), "US-ASCII"));
+			PrintWriter out
+				= new PrintWriter(socket.getOutputStream());
+			
+			// request
+			out.println("begin origin");
+			out.println(ip);
+			out.println("end");
+			out.flush();
+			
+			// response
+			String response = in.readLine();
+			log.trace("response: {}", response);
+			
+			out.close();
+			in.close();
+			socket.close();
+			
+			if (response == null) {
+				emsg = "no response";
+				log.error(emsg);
+				throw new EJBException(emsg);
+			}
+			
+			// format: (0) IP | (1) ASN | (2) Prefix | (3) AS Name | (4) CN | (5) Domain | (6) ISP
+			String[] responseFields = SPLIT_REGEX.split(response);
+			if (responseFields.length != 7) {
+				emsg = "invalid number of fields in response";
+				log.error(emsg);
+				throw new EJBException(emsg);
+			}
+			 
+			Result result = new Result();
+			int i = -1;
+			try {
+				result.asn = handleLongField(responseFields[i=1]);
+				result.as_name = handleStringField(responseFields[i=3]);
+				result.cc = handleStringField(responseFields[i=4]);
+				result.dom = handleStringField(responseFields[i=5]);
+				result.isp = handleStringField(responseFields[i=6]);
+				result.bgp_prefix = handleStringField(responseFields[i=2]);
+			}
+			catch (ValidationException e) {
+				emsg = "invalid response: field " + i + ": " + e.getMessage();
+				log.error(emsg);
+				throw new EJBException(emsg);
+			}
+			
+			log.trace("parsed response: {}", result);
+			return result;
+		}
+		catch (UnknownHostException e) {
+			log.error("got UnknownHostException", e);
+			throw new EJBException(e);
+			
+		}
+		catch (SocketTimeoutException e) {
+			log.error("got SocketTimeoutException", e);
+			throw new EJBException(e);
+		}
+		catch (IOException e) {
+			log.error("got IOException", e);
+			throw new EJBException(e);
+		}
+	}
+	
+	
+	private void store(String ip, Result result) {
+		log.trace("retrieve()");
+		
+		Connection db = null;
+		try {
+			db = ds.getConnection();
+			
+			PreparedStatement pStmt;
+			ResultSet queryRes;
+			
+			long recordId;
+			
+			pStmt = db.prepareStatement("insert into asn_shadowserver (ip, asn, as_name, cc, dom, isp, bgp_prefix) values (inet(?),?,?,?,?,?,inet(?)) returning id");
+			pStmt.setString(1, ip);
+			pStmt.setLong(2, result.asn);
+			pStmt.setString(3, result.as_name);
+			pStmt.setString(4, result.cc);
+			pStmt.setString(5, result.dom);
+			pStmt.setString(6, result.isp);
+			pStmt.setString(7, result.bgp_prefix);
+			queryRes = pStmt.executeQuery();
+			queryRes.next();
+			recordId = queryRes.getLong(1);
+			queryRes.close();
+			pStmt.close();
+			log.debug("inserted into asn_shadowserver | ip={} id={}", ip, recordId);
+		}
+		catch (SQLException e) {
+				log.error("got SQLException", e);
+				throw new EJBException(e);
+		}
+		finally {
+			try {
+				if (db != null)	db.close();
+			}
+			catch (SQLException e) {
+				log.error("got SQLException while closing resource", e);
+			}
+		}
+	}
+	
+	
+	private static String handleStringField(String value) throws ValidationException {
+		value = value.trim();
+    	if (value.equals("")) throw new ValidationException("empty field");
+        return value;
+	}
+	
+	private static long handleLongField(String value) throws ValidationException {
+		value = value.trim();
+    	if (value.equals("")) throw new ValidationException("empty field");
+    	try {
+    		return Long.parseLong(value);
+    	}
+    	catch (NumberFormatException e) {
+    		throw new ValidationException("number not parsable");
+		}
+	}
+	
+	
+	private static class Result {	
+		long asn;
+		String as_name;
+		String cc;
+		String dom;
+		String isp;
+		String bgp_prefix;
+		
+		@Override
+		public String toString() {
+			return String.format(
+					"asn = %d | as_name = %s | cc = %s | dom = %s | isp = %s | bgp_prefix = %s",
+					asn, as_name, cc, dom, isp, bgp_prefix);
+		}
+	}
+	
+	private static class ValidationException extends Exception { 
+		public ValidationException(String msg) {
+			super(msg);
+		}
+	}
+}
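Review bot: In `retrieve()` the socket is closed only on the success path, so a `SocketTimeoutException` or any other `IOException` thrown by `readLine()` skips the three `close()` calls and leaks the connection; since `work()` fires every second on a singleton, a slow or unreachable server would accumulate open descriptors. `new Socket(SERVER, SERVER_PORT)` also connects before `setSoTimeout` is applied, so the connect itself is not bounded by `SO_TIMEOUT`; creating the socket unconnected, calling `connect` with a timeout and closing it in a `finally` covers both (this needs an import of `java.net.InetSocketAddress`). The `ip` value comes straight from the JMS property and is written into a line-based request, so it should be rejected when it is null or contains whitespace or line breaks before `out.println(ip)`. The reply arrives over unauthenticated plain TCP and is only checked for non-empty fields, so a value that does not fit `CC CHAR(2)` or does not parse as `inet` would most likely surface as an `SQLException` in `store()`; validating those fields in `retrieve()` keeps malformed replies out of the database path.

```java
String response;
Socket socket = new Socket();
try {
	// bound the connect as well as the read
	socket.connect(new InetSocketAddress(SERVER, SERVER_PORT), SO_TIMEOUT);
	socket.setSoTimeout(SO_TIMEOUT);
	// … unchanged: reader/writer setup, request lines, flush …
	response = in.readLine();
	log.trace("response: {}", response);
}
finally {
	// closing the socket also closes its streams, on every exit path
	try {
		socket.close();
	}
	catch (IOException e) {
		log.warn("got IOException while closing socket", e);
	}
}
// … unchanged: null check, field split and validation …
```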