cmaxw/project-honeypot

语言: Ruby

git: https://github.com/cmaxw/project-honeypot

Project Honeypot的DNS API的ruby包装器
A ruby wrapper for the Project Honeypot's DNS API
README.md (中文)

=项目蜜罐

Project Honeypot是Project Honeypot HTTP:BL服务的编程接口,用于识别可疑的IP地址。 此Gem旨在过滤掉http://www.tweetburner.com上的垃圾邮件发送者。

如果您担心谁可能滥用您的服务,那么能够识别垃圾邮件发送者,收集者和其他可疑IP地址是一件很方便的事情。

=要求

这个Gem要求你有一个来自Project Honeypot的Http:BL API密钥。您可以在http://www.projecthoneypot.org/上找到一个

=用法

HTTP:BL通过Project Honeypot查找会导致Url对象,该对象为您提供风险评分,最后活动以及列出IP地址的攻击类型。

分数越高越好,last_activity以天为单位。

==示例#1:可疑IP地址

鉴于apc键“abcdefghijkl”

@listing = ProjectHoneypot.lookup(“abcdefghijkl”,“192.168.1.1”)   @ listing.safe?   #=> false

@ listing.ip_address   #=>“192.168.1.1”

@ listing.score   #=> 63

@ listing.last_activity   #=> 1

@ listing.offenses   #=> [:comment_spammer,:suspicious]

@ listing.comment_spammer?   #=>是的

@ listing.suspicious?   #=>是的

@ listing.harvester?   #=> false

==示例#2:安全IP地址

@listing = ProjectHoneypot.lookup(“abcdefghijkl”,“192.168.1.1”)   @ listing.safe?   #=>是的

@ listing.ip_address   #=>“192.168.1.1”

@ listing.score   #=> 0

@ listing.last_activity   #=>无

@ listing.offenses   #=> []

@ listing.comment_spammer?   #=> false

@ listing.suspicious?   #=> false

@ listing.harvester?   #=> false

=待办事项

  • 缓存Project Honeypot的响应
  • 允许'安全吗?'可配置(基于新近度和严重性(得分)的算法)
  • 一个.yml配置文件

本文使用googletrans自动翻译,仅供参考, 原文来自github.com

en_README.md

= Project Honeypot

Project Honeypot is a programmatic interface to the Project Honeypot HTTP:BL service for identifying suspicious ip addresses.
This Gem was built to filter out spammers on http://www.tweetburner.com.

It is a handy thing to be able to identify spammers, harvesters, and other suspicious IP addresses if you're worried about who might be abusing your service.

= Requirements

This Gem requires that you have an Http:BL API key from Project Honeypot. You can get one at http://www.projecthoneypot.org/

= Usage

HTTP:BL lookups through Project Honeypot result in a Url object that gives you the risk score, last activity, and types of offenses the ip address is listed for.

The score is worse the higher it is and the last_activity is in days.

== Example #1: Suspicious IP Address

Given an api key of "abcdefghijkl"

@listing = ProjectHoneypot.lookup("abcdefghijkl", "192.168.1.1")
@listing.safe?
# => false

@listing.ip_address
# => "192.168.1.1"

@listing.score
# => 63

@listing.last_activity
# => 1

@listing.offenses
# => [:comment_spammer, :suspicious]

@listing.comment_spammer?
# => true

@listing.suspicious?
# => true

@listing.harvester?
# => false

== Example #2: Safe IP Address

@listing = ProjectHoneypot.lookup("abcdefghijkl", "192.168.1.1")
@listing.safe?
# => true

@listing.ip_address
# => "192.168.1.1"

@listing.score
# => 0

@listing.last_activity
# => nil

@listing.offenses
# => []

@listing.comment_spammer?
# => false

@listing.suspicious?
# => false

@listing.harvester?
# => false

= To Do Items

  • Cache Responses from Project Honeypot
  • Allow 'safe?' to be configurable (algorithm based on recency and severity(score))
  • A .yml config file