Commits

György Kohut  committed fbc5816

add shadowserver geo module

  • Participants
  • Parent commits e4ee342

Comments (0)

Files changed (5)

 hpfeeds - hpfeeds submission handler intended for the channels dionaea.capture and mwbinary.dionaea.sensorunique
 virustotal - retrieves VirusTotal reports for binaries
 shadowserver_asn - performs ASN lookup at Shadowserver for IPs
+shadowserver_geoip - performs Geo-IP lookup at Shadowserver
 hbstats - recurring process that maintains aggregate tables over the data set (runs every 2 s)
 
 == Initial Setup ==
 create-jms-resource --restype javax.jms.ConnectionFactory jms/ConnectionFactory
 create-jms-resource --restype javax.jms.ConnectionFactory --property ClientId=virustotal jms/DurableConsumer/virustotal
 create-jms-resource --restype javax.jms.ConnectionFactory --property ClientId=shadowserver_asn jms/DurableConsumer/shadowserver_asn
+create-jms-resource --restype javax.jms.ConnectionFactory --property ClientId=shadowserver_geoip jms/DurableConsumer/shadowserver_geoip
 ping-connection-pool jms/ConnectionFactory
 
 # logback config location
 		     build-hpfeeds,
 		     build-virustotal,
 		     build-shadowserver_asn,
+		     build-shadowserver_geoip,
 		     build-stats
 		     "
 	    description="--> build all modules"
       </package-ejb>
     </target>
 
+    <target name="build-shadowserver_geoip" depends="compile" description="module">
+      <package-ejb name="shadowserver_geoip">
+	<embed>
+	  <!-- <embed-package package="common"/> -->
+	</embed>
+      </package-ejb>
+    </target>
+
     <target name="build-stats" depends="compile" description="module">
       <package-ejb name="stats">
 	<embed>

File schema/hbbackend.erm

 	<category_index>0</category_index>
 	<zoom>1.0</zoom>
 	<x>277</x>
-	<y>38</y>
+	<y>55</y>
 	<default_color>
 		<r>128</r>
 		<g>128</g>
 			</connections>
 			<display>false</display>
 			<creation_date>2011-06-10 22:42:09</creation_date>
-			<updated_date>2012-08-08 11:14:55</updated_date>
+			<updated_date>2012-08-08 14:47:41</updated_date>
 			<model_property>
 				<name>Project Name</name>
 				<value></value>
 			<unsigned>false</unsigned>
 			<args></args>
 			<description></description>
+			<logical_name>city</logical_name>
+			<physical_name>city</physical_name>
+			<type>varchar</type>
+		</word>
+		<word>
+			<id>5</id>
+			<length>null</length>
+			<decimal>null</decimal>
+			<array>false</array>
+			<array_dimension>null</array_dimension>
+			<unsigned>false</unsigned>
+			<args></args>
+			<description></description>
 			<logical_name>dom</logical_name>
 			<physical_name>dom</physical_name>
 			<type>varchar</type>
 		</word>
 		<word>
-			<id>5</id>
+			<id>6</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>varchar</type>
 		</word>
 		<word>
-			<id>6</id>
+			<id>7</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>varchar</type>
 		</word>
 		<word>
-			<id>7</id>
+			<id>8</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>varchar</type>
 		</word>
 		<word>
-			<id>8</id>
+			<id>9</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>integer</type>
 		</word>
 		<word>
-			<id>9</id>
+			<id>10</id>
 			<length>128</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>varchar(n)</type>
 		</word>
 		<word>
-			<id>10</id>
+			<id>11</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>bigserial</type>
 		</word>
 		<word>
-			<id>11</id>
+			<id>12</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>bigserial</type>
 		</word>
 		<word>
-			<id>12</id>
+			<id>13</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>bigserial</type>
 		</word>
 		<word>
-			<id>13</id>
+			<id>14</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>bigserial</type>
 		</word>
 		<word>
-			<id>14</id>
+			<id>15</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>bigserial</type>
 		</word>
 		<word>
-			<id>15</id>
+			<id>16</id>
 			<length>16</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>varchar(n)</type>
 		</word>
 		<word>
-			<id>16</id>
+			<id>17</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>inet</type>
 		</word>
 		<word>
-			<id>17</id>
+			<id>18</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>inet</type>
 		</word>
 		<word>
-			<id>18</id>
+			<id>19</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>inet</type>
 		</word>
 		<word>
-			<id>19</id>
+			<id>20</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>varchar</type>
 		</word>
 		<word>
-			<id>20</id>
+			<id>21</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>varchar</type>
 		</word>
 		<word>
-			<id>21</id>
+			<id>22</id>
+			<length>null</length>
+			<decimal>null</decimal>
+			<array>false</array>
+			<array_dimension>null</array_dimension>
+			<unsigned>false</unsigned>
+			<args></args>
+			<description></description>
+			<logical_name>latitude</logical_name>
+			<physical_name>latitude</physical_name>
+			<type>float</type>
+		</word>
+		<word>
+			<id>23</id>
+			<length>null</length>
+			<decimal>null</decimal>
+			<array>false</array>
+			<array_dimension>null</array_dimension>
+			<unsigned>false</unsigned>
+			<args></args>
+			<description></description>
+			<logical_name>longitude</logical_name>
+			<physical_name>longitude</physical_name>
+			<type>float</type>
+		</word>
+		<word>
+			<id>24</id>
 			<length>32</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>character(n)</type>
 		</word>
 		<word>
-			<id>22</id>
+			<id>25</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>varchar</type>
 		</word>
 		<word>
-			<id>23</id>
+			<id>26</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>integer</type>
 		</word>
 		<word>
-			<id>24</id>
+			<id>27</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>25</id>
+			<id>28</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>varchar</type>
 		</word>
 		<word>
-			<id>26</id>
+			<id>29</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>bigint</type>
 		</word>
 		<word>
-			<id>27</id>
+			<id>30</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>bigint</type>
 		</word>
 		<word>
-			<id>28</id>
+			<id>31</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>bigint</type>
 		</word>
 		<word>
-			<id>29</id>
+			<id>32</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>bigint</type>
 		</word>
 		<word>
-			<id>30</id>
+			<id>33</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>31</id>
+			<id>34</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>32</id>
+			<id>35</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>33</id>
+			<id>36</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>34</id>
+			<id>37</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>35</id>
+			<id>38</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>36</id>
+			<id>39</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>37</id>
+			<id>40</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>38</id>
+			<id>41</id>
 			<length>128</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>character(n)</type>
 		</word>
 		<word>
-			<id>39</id>
+			<id>42</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>inet</type>
 		</word>
 		<word>
-			<id>40</id>
+			<id>43</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>integer</type>
 		</word>
 		<word>
-			<id>41</id>
+			<id>44</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>boolean</type>
 		</word>
 		<word>
-			<id>42</id>
+			<id>45</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>inet</type>
 		</word>
 		<word>
-			<id>43</id>
+			<id>46</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>integer</type>
 		</word>
 		<word>
-			<id>44</id>
+			<id>47</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>45</id>
+			<id>48</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>46</id>
+			<id>49</id>
 			<length>null</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<type>timestamp with time zone</type>
 		</word>
 		<word>
-			<id>47</id>
+			<id>50</id>
+			<length>null</length>
+			<decimal>null</decimal>
+			<array>false</array>
+			<array_dimension>null</array_dimension>
+			<unsigned>false</unsigned>
+			<args></args>
+			<description></description>
+			<logical_name>ts</logical_name>
+			<physical_name>ts</physical_name>
+			<type>timestamp with time zone</type>
+		</word>
+		<word>
+			<id>51</id>
 			<length>128</length>
 			<decimal>null</decimal>
 			<array>false</array>
 			<option></option>
 			<columns>
 				<normal_column>
-					<word_id>10</word_id>
+					<word_id>11</word_id>
 					<id>0</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>15</word_id>
+					<word_id>16</word_id>
 					<id>1</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>26</word_id>
+					<word_id>29</word_id>
 					<id>2</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>31</word_id>
+					<word_id>34</word_id>
 					<id>3</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>35</word_id>
+					<word_id>38</word_id>
 					<id>4</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 			<option></option>
 			<columns>
 				<normal_column>
-					<word_id>16</word_id>
+					<word_id>17</word_id>
 					<id>5</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>27</word_id>
+					<word_id>30</word_id>
 					<id>6</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>32</word_id>
+					<word_id>35</word_id>
 					<id>7</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>34</word_id>
+					<word_id>37</word_id>
 					<id>8</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 			<option></option>
 			<columns>
 				<normal_column>
-					<word_id>17</word_id>
+					<word_id>18</word_id>
 					<id>9</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>29</word_id>
+					<word_id>32</word_id>
 					<id>10</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>33</word_id>
+					<word_id>36</word_id>
 					<id>11</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>36</word_id>
+					<word_id>39</word_id>
 					<id>12</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 			<option></option>
 			<columns>
 				<normal_column>
-					<word_id>13</word_id>
+					<word_id>14</word_id>
 					<id>13</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>21</word_id>
+					<word_id>24</word_id>
 					<id>14</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>38</word_id>
+					<word_id>41</word_id>
 					<id>15</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>9</word_id>
+					<word_id>10</word_id>
 					<id>16</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>8</word_id>
+					<word_id>9</word_id>
 					<id>17</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>28</word_id>
+					<word_id>31</word_id>
 					<id>18</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>30</word_id>
+					<word_id>33</word_id>
 					<id>19</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>37</word_id>
+					<word_id>40</word_id>
 					<id>20</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>41</word_id>
+					<word_id>44</word_id>
 					<id>21</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 			<option></option>
 			<columns>
 				<normal_column>
-					<word_id>11</word_id>
+					<word_id>12</word_id>
 					<id>22</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>44</word_id>
+					<word_id>47</word_id>
 					<id>23</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>39</word_id>
+					<word_id>42</word_id>
 					<id>26</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>40</word_id>
+					<word_id>43</word_id>
 					<id>27</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>42</word_id>
+					<word_id>45</word_id>
 					<id>28</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>43</word_id>
+					<word_id>46</word_id>
 					<id>29</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>47</word_id>
+					<word_id>51</word_id>
 					<id>30</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>20</word_id>
+					<word_id>21</word_id>
 					<id>32</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>5</word_id>
+					<word_id>6</word_id>
 					<id>33</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>7</word_id>
+					<word_id>8</word_id>
 					<id>34</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>6</word_id>
+					<word_id>7</word_id>
 					<id>35</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 			<option></option>
 			<columns>
 				<normal_column>
-					<word_id>12</word_id>
+					<word_id>13</word_id>
 					<id>36</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>46</word_id>
+					<word_id>49</word_id>
 					<id>38</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>23</word_id>
+					<word_id>26</word_id>
 					<id>39</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>25</word_id>
+					<word_id>28</word_id>
 					<id>40</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>24</word_id>
+					<word_id>27</word_id>
 					<id>41</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>22</word_id>
+					<word_id>25</word_id>
 					<id>42</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 		</table>
 		<table>
 			<id>7</id>
-			<height>212</height>
-			<width>185</width>
+			<height>233</height>
+			<width>248</width>
 				<font_name>Lucida Grande</font_name>
 				<font_size>9</font_size>
-			<x>769</x>
+			<x>753</x>
 			<y>266</y>
 			<color>
 				<r>128</r>
 			<option></option>
 			<columns>
 				<normal_column>
-					<word_id>14</word_id>
+					<word_id>15</word_id>
 					<id>43</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>18</word_id>
+					<word_id>19</word_id>
 					<id>44</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>4</word_id>
+					<word_id>5</word_id>
 					<id>48</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>19</word_id>
+					<word_id>20</word_id>
 					<id>49</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 					</sequence>
 				</normal_column>
 				<normal_column>
-					<word_id>45</word_id>
+					<word_id>48</word_id>
 					<id>51</id>
 					<description></description>
 					<unique_key_name></unique_key_name>
 				<schema></schema>
 			</table_properties>
 		</table>
+		<table>
+			<id>8</id>
+			<height>233</height>
+			<width>248</width>
+				<font_name>Lucida Grande</font_name>
+				<font_size>9</font_size>
+			<x>1033</x>
+			<y>264</y>
+			<color>
+				<r>128</r>
+				<g>128</g>
+				<b>192</b>
+			</color>
+			<connections>
+			</connections>
+			<physical_name>geoip_shadowserver</physical_name>
+			<logical_name>geoip_shadowserver</logical_name>
+			<description></description>
+			<constraint></constraint>
+			<primary_key_name></primary_key_name>
+			<option></option>
+			<columns>
+				<normal_column>
+					<word_id>15</word_id>
+					<id>52</id>
+					<description></description>
+					<unique_key_name></unique_key_name>
+					<logical_name></logical_name>
+					<physical_name></physical_name>
+					<type>bigserial</type>
+					<constraint></constraint>
+					<default_value></default_value>
+					<auto_increment>false</auto_increment>
+					<foreign_key>false</foreign_key>
+					<not_null>true</not_null>
+					<primary_key>true</primary_key>
+					<unique_key>true</unique_key>
+					<character_set></character_set>
+					<collation></collation>
+					<sequence>
+						<name></name>
+						<schema></schema>
+						<increment></increment>
+						<min_value></min_value>
+						<max_value></max_value>
+						<start></start>
+						<cache></cache>
+						<cycle>false</cycle>
+						<order>false</order>
+						<description></description>
+						<data_type></data_type>
+						<decimal_size>0</decimal_size>
+					</sequence>
+				</normal_column>
+				<normal_column>
+					<word_id>19</word_id>
+					<id>53</id>
+					<description></description>
+					<unique_key_name></unique_key_name>
+					<logical_name></logical_name>
+					<physical_name></physical_name>
+					<type>inet</type>
+					<constraint></constraint>
+					<default_value></default_value>
+					<auto_increment>false</auto_increment>
+					<foreign_key>false</foreign_key>
+					<not_null>true</not_null>
+					<primary_key>false</primary_key>
+					<unique_key>false</unique_key>
+					<character_set></character_set>
+					<collation></collation>
+					<sequence>
+						<name></name>
+						<schema></schema>
+						<increment></increment>
+						<min_value></min_value>
+						<max_value></max_value>
+						<start></start>
+						<cache></cache>
+						<cycle>false</cycle>
+						<order>false</order>
+						<description></description>
+						<data_type></data_type>
+						<decimal_size>0</decimal_size>
+					</sequence>
+				</normal_column>
+				<normal_column>
+					<word_id>3</word_id>
+					<id>54</id>
+					<description></description>
+					<unique_key_name></unique_key_name>
+					<logical_name></logical_name>
+					<physical_name></physical_name>
+					<type>character(n)</type>
+					<constraint></constraint>
+					<default_value></default_value>
+					<auto_increment>false</auto_increment>
+					<foreign_key>false</foreign_key>
+					<not_null>false</not_null>
+					<primary_key>false</primary_key>
+					<unique_key>false</unique_key>
+					<character_set></character_set>
+					<collation></collation>
+					<sequence>
+						<name></name>
+						<schema></schema>
+						<increment></increment>
+						<min_value></min_value>
+						<max_value></max_value>
+						<start></start>
+						<cache></cache>
+						<cycle>false</cycle>
+						<order>false</order>
+						<description></description>
+						<data_type></data_type>
+						<decimal_size>0</decimal_size>
+					</sequence>
+				</normal_column>
+				<normal_column>
+					<word_id>4</word_id>
+					<id>55</id>
+					<description></description>
+					<unique_key_name></unique_key_name>
+					<logical_name></logical_name>
+					<physical_name></physical_name>
+					<type>varchar</type>
+					<constraint></constraint>
+					<default_value></default_value>
+					<auto_increment>false</auto_increment>
+					<foreign_key>false</foreign_key>
+					<not_null>false</not_null>
+					<primary_key>false</primary_key>
+					<unique_key>false</unique_key>
+					<character_set></character_set>
+					<collation></collation>
+					<sequence>
+						<name></name>
+						<schema></schema>
+						<increment></increment>
+						<min_value></min_value>
+						<max_value></max_value>
+						<start></start>
+						<cache></cache>
+						<cycle>false</cycle>
+						<order>false</order>
+						<description></description>
+						<data_type></data_type>
+						<decimal_size>0</decimal_size>
+					</sequence>
+				</normal_column>
+				<normal_column>
+					<word_id>22</word_id>
+					<id>56</id>
+					<description></description>
+					<unique_key_name></unique_key_name>
+					<logical_name></logical_name>
+					<physical_name></physical_name>
+					<type>float</type>
+					<constraint></constraint>
+					<default_value></default_value>
+					<auto_increment>false</auto_increment>
+					<foreign_key>false</foreign_key>
+					<not_null>false</not_null>
+					<primary_key>false</primary_key>
+					<unique_key>false</unique_key>
+					<character_set></character_set>
+					<collation></collation>
+					<sequence>
+						<name></name>
+						<schema></schema>
+						<increment></increment>
+						<min_value></min_value>
+						<max_value></max_value>
+						<start></start>
+						<cache></cache>
+						<cycle>false</cycle>
+						<order>false</order>
+						<description></description>
+						<data_type></data_type>
+						<decimal_size>0</decimal_size>
+					</sequence>
+				</normal_column>
+				<normal_column>
+					<word_id>23</word_id>
+					<id>57</id>
+					<description></description>
+					<unique_key_name></unique_key_name>
+					<logical_name></logical_name>
+					<physical_name></physical_name>
+					<type>float</type>
+					<constraint></constraint>
+					<default_value></default_value>
+					<auto_increment>false</auto_increment>
+					<foreign_key>false</foreign_key>
+					<not_null>false</not_null>
+					<primary_key>false</primary_key>
+					<unique_key>false</unique_key>
+					<character_set></character_set>
+					<collation></collation>
+					<sequence>
+						<name></name>
+						<schema></schema>
+						<increment></increment>
+						<min_value></min_value>
+						<max_value></max_value>
+						<start></start>
+						<cache></cache>
+						<cycle>false</cycle>
+						<order>false</order>
+						<description></description>
+						<data_type></data_type>
+						<decimal_size>0</decimal_size>
+					</sequence>
+				</normal_column>
+				<normal_column>
+					<word_id>50</word_id>
+					<id>58</id>
+					<description></description>
+					<unique_key_name></unique_key_name>
+					<logical_name></logical_name>
+					<physical_name></physical_name>
+					<type>timestamp with time zone</type>
+					<constraint></constraint>
+					<default_value>transaction_timestamp()</default_value>
+					<auto_increment>false</auto_increment>
+					<foreign_key>false</foreign_key>
+					<not_null>false</not_null>
+					<primary_key>false</primary_key>
+					<unique_key>false</unique_key>
+					<character_set></character_set>
+					<collation></collation>
+					<sequence>
+						<name></name>
+						<schema></schema>
+						<increment></increment>
+						<min_value></min_value>
+						<max_value></max_value>
+						<start></start>
+						<cache></cache>
+						<cycle>false</cycle>
+						<order>false</order>
+						<description></description>
+						<data_type></data_type>
+						<decimal_size>0</decimal_size>
+					</sequence>
+				</normal_column>
+			</columns>
+			<indexes>
+			</indexes>
+			<complex_unique_key_list>
+			</complex_unique_key_list>
+			<table_properties>
+				<without_oids>true</without_oids>
+				<schema></schema>
+			</table_properties>
+		</table>
 	</contents>
 	<column_groups>
 	</column_groups>

File schema/hbbackend.sql

 DROP TABLE IF EXISTS VIRUSTOTAL_RESULTS;
 DROP TABLE IF EXISTS VIRUSTOTAL_REPORTS;
 DROP TABLE IF EXISTS BINARIES;
+DROP TABLE IF EXISTS GEOIP_SHADOWSERVER;
 DROP TABLE IF EXISTS IDENTS;
 DROP TABLE IF EXISTS IPS_SOURCE;
 DROP TABLE IF EXISTS IPS_TARGET;
 ) WITHOUT OIDS;
 
 
+CREATE TABLE GEOIP_SHADOWSERVER
+(
+	ID BIGSERIAL NOT NULL UNIQUE,
+	IP INET NOT NULL,
+	CC CHAR(2),
+	CITY VARCHAR,
+	LATITUDE FLOAT,
+	LONGITUDE FLOAT,
+	TS TIMESTAMP WITH TIME ZONE DEFAULT transaction_timestamp(),
+	PRIMARY KEY (ID)
+) WITHOUT OIDS;
+
+
 CREATE TABLE IDENTS
 (
 	ID BIGSERIAL NOT NULL UNIQUE,

File src/main/java/org/honeynet/hbbackend/shadowserver_geoip/ShadowserverGeoip.java

+package org.honeynet.hbbackend.shadowserver_geoip;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStreamReader;
+import java.io.PrintWriter;
+import java.net.Socket;
+import java.net.SocketTimeoutException;
+import java.net.UnknownHostException;
+import java.sql.Connection;
+import java.sql.PreparedStatement;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.util.regex.Pattern;
+
+import javax.annotation.Resource;
+import javax.ejb.EJBException;
+import javax.ejb.Schedule;
+import javax.ejb.Singleton;
+import javax.ejb.Startup;
+import javax.ejb.TransactionAttribute;
+import javax.ejb.TransactionAttributeType;
+import javax.jms.ConnectionFactory;
+import javax.jms.JMSException;
+import javax.jms.Message;
+import javax.jms.Session;
+import javax.jms.Topic;
+import javax.jms.TopicSubscriber;
+import javax.sql.DataSource;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+@Singleton
+@Startup
+public class ShadowserverGeoip {
+	private final static String SERVER = "asn.shadowserver.org";
+	private final static int SERVER_PORT = 45;
+	private final static int SO_TIMEOUT = 3000;
+    private final static Pattern SPLIT_REGEX = Pattern.compile("\\s\\|\\s");
+    
+    public static final String SUB_NAME = "shadowserver_geoip";
+	
+	private static Logger log = LoggerFactory.getLogger(ShadowserverGeoip.class);
+	
+	
+	@Resource(mappedName="jdbc/hbbackend")
+	private DataSource ds;
+	
+	@Resource(mappedName="jms/DurableConsumer/shadowserver_geoip")
+	private ConnectionFactory jmsConnectionFactory;
+	
+	@Resource(mappedName="jms/new_ip")
+	private Topic jms_new_ip;
+	
+	
+	private String emsg;
+	
+	
+	@Schedule(second="*/1", minute="*", hour="*", persistent=false)
+	@TransactionAttribute(TransactionAttributeType.REQUIRES_NEW)
+	public void work() {
+		log.trace("work()");
+		
+		javax.jms.Connection mq = null;
+		Session sess = null;
+		TopicSubscriber sub = null;
+
+		try {
+			mq = jmsConnectionFactory.createConnection();
+			sess = mq.createSession(true, 0);
+			sub = sess.createDurableSubscriber(jms_new_ip, SUB_NAME);
+			mq.start();
+			
+			Message msg = sub.receiveNoWait();
+			if (msg == null) return;
+			
+			String ip = msg.getStringProperty("ip");
+			log.debug("received new msg | ip = {}", ip);
+			
+			store(ip, retrieve(ip));
+		}
+		catch (JMSException e) {
+			log.error("got JMSException", e);
+			throw new EJBException(e);
+		}
+		finally {
+			try {
+				if (sub != null) sub.close(); 
+				if (sess != null) sess.close();
+				if (mq != null)	mq.close();
+			} catch (JMSException e) {
+				log.error("got JMSException while closing resource", e);
+			}
+		}
+	}
+	
+	
+	private Result retrieve(String ip) {
+		log.trace("retrieve()");
+		
+		try {
+			log.debug("querying {}:{} | ip={}", new Object[]{ SERVER, SERVER_PORT, ip });
+			Socket socket = new Socket(SERVER, SERVER_PORT);
+			socket.setSoTimeout(SO_TIMEOUT);
+			
+			BufferedReader in
+				= new BufferedReader(new InputStreamReader(socket.getInputStream(), "US-ASCII"));
+			PrintWriter out
+				= new PrintWriter(socket.getOutputStream());
+			
+			// request
+			out.println("begin geo");
+			out.println(ip);
+			out.println("end");
+			out.flush();
+			
+			// response
+			String response = in.readLine();
+			log.trace("response: {}", response);
+			
+			out.close();
+			in.close();
+			socket.close();
+			
+			if (response == null) {
+				emsg = "no response";
+				log.error(emsg);
+				throw new EJBException(emsg);
+			}
+			
+			// format: (0) ip | (1) country code | (2) (empty) | (3) (ignored) | (4) city | (5) latitude | (6) longitude
+			String[] responseFields = SPLIT_REGEX.split(response);
+			if (responseFields.length != 7) {
+				emsg = "invalid number of fields in response";
+				log.error(emsg);
+				throw new EJBException(emsg);
+			}
+			 
+			Result result = new Result();
+			int i = -1;
+			try {
+				result.cc = handleStringField(responseFields[i=1]);
+				result.city = handleStringField(responseFields[i=4]);
+				result.latitude = handleFloatField(responseFields[i=5]);
+				result.longitude = handleFloatField(responseFields[i=6]);
+			}
+			catch (ValidationException e) {
+				emsg = "invalid response: field " + i + ": " + e.getMessage();
+				log.error(emsg);
+				throw new EJBException(emsg);
+			}
+			
+			log.trace("parsed response: {}", result);
+			return result;
+		}
+		catch (UnknownHostException e) {
+			log.error("got UnknownHostException", e);
+			throw new EJBException(e);
+			
+		}
+		catch (SocketTimeoutException e) {
+			log.error("got SocketTimeoutException", e);
+			throw new EJBException(e);
+		}
+		catch (IOException e) {
+			log.error("got IOException", e);
+			throw new EJBException(e);
+		}
+	}
+	
+	
+	private void store(String ip, Result result) {
+		log.trace("retrieve()");
+		
+		Connection db = null;
+		try {
+			db = ds.getConnection();
+			
+			PreparedStatement pStmt;
+			ResultSet queryRes;
+			
+			long recordId;
+			
+			pStmt = db.prepareStatement("insert into geoip_shadowserver (ip, cc, city, latitude, longitude) values (inet(?),?,?,?,?) returning id");
+			pStmt.setString(1, ip);
+			pStmt.setString(2, result.cc);
+			pStmt.setString(3, result.city);
+			pStmt.setFloat(4, result.latitude);
+			pStmt.setFloat(5, result.longitude);
+			queryRes = pStmt.executeQuery();
+			queryRes.next();
+			recordId = queryRes.getLong(1);
+			queryRes.close();
+			pStmt.close();
+			log.debug("inserted into geoip_shadowserver | ip={} id={}", ip, recordId);
+		}
+		catch (SQLException e) {
+				log.error("got SQLException", e);
+				throw new EJBException(e);
+		}
+		finally {
+			try {
+				if (db != null)	db.close();
+			}
+			catch (SQLException e) {
+				log.error("got SQLException while closing resource", e);
+			}
+		}
+	}
+	
+	
+	private static String handleStringField(String value) throws ValidationException {
+		value = value.trim();
+    	if (value.equals("")) throw new ValidationException("empty field");
+        return value;
+	}
+	
+	private static float handleFloatField(String value) throws ValidationException {
+		value = value.trim();
+    	if (value.equals("")) throw new ValidationException("empty field");
+    	try {
+    		return Float.parseFloat(value);
+    	}
+    	catch (NumberFormatException e) {
+    		throw new ValidationException("number not parsable");
+		}
+	}
+	
+	
+	private static class Result {	
+		String cc;
+		String city;
+		float latitude;
+		float longitude;
+		
+		@Override
+		public String toString() {
+			return String.format(
+					"cc = %s | city = %s | latitude = %f | longitude = %f",
+					cc, city, latitude, longitude);
+		}
+	}
+	
+	private static class ValidationException extends Exception { 
+		public ValidationException(String msg) {
+			super(msg);
+		}
+	}
+}