Select Git revision
example-sender-random.pl.txt
example-sender-random.pl.txt 2.22 KiB
#!/usr/bin/perl -w
#
# Copyright (C) 2011-2013 Cesnet z.s.p.o
#
# Use of this source is governed by a BSD-style license, see LICENSE file.
use Switch;
use strict;
use DateTime;
my $warden_path = '/opt/warden-client';
require $warden_path . '/lib/WardenClientSend.pm';
my $service = "test";
# service is needed in authorization process of the client,
# therefore it can not be set randomly
#switch (int(rand(3) + 0.5)) {
# case 1 { $service = 'ScanDetector'; }
# case 2 { $service = 'PhiGaro'; }
# case 3 { $service = 'HoneyScan'; }
# }
my $detected = DateTime->from_epoch(epoch => time());
my $type = "";
switch (int(rand(10) + 0.5)) {
case 1 { $type = 'portscan'; }
case 2 { $type = 'bruteforce'; }
case 3 { $type = 'spam'; }
case 4 { $type = 'phishing'; }
case 5 { $type = 'botnet_c_c'; }
case 6 { $type = 'dos'; }
case 7 { $type = 'malware'; }
case 8 { $type = 'copyright'; }
case 9 { $type = 'webattack'; }
case 10 { $type = 'other'; }
}
my $source_type = "";
switch (int(rand(3) + 0.5)) {
case 1 { $source_type = 'IP'; }
case 2 { $source_type = 'URL'; }
case 3 { $source_type = 'Reply-To:'; }
}
my $source = (int(rand(254) + 0.5) + 1) . "." . (int(rand(254) + 0.5) + 1) . "." . (int(rand(254) + 0.5) + 1) . "." . (int(rand(254) + 0.5) + 1);
my $target_proto = "";
switch (int(rand(2) + 0.5)) {
case 1 { $target_proto = 'TCP'; }
case 2 { $target_proto = 'UDP'; }
}
my $target_port = "";
switch (int(rand(6) + 0.5)) {
case 1 { $target_port = '22'; }
case 2 { $target_port = '23'; }
case 3 { $target_port = '25'; }
case 4 { $target_port = '443'; }
case 5 { $target_port = '3389'; }
case 6 { $target_port = 'null'; }
}
my $attack_scale = (int(rand(100000) + 0.5) + 1000);
my $note = "tohle je takova normalni jednoducha poznamka";
my $priority = int(rand(255) + 0.5);
my $timeout = int(rand(255) + 0.5);
my @event = (
$service, # $service
"$detected", # $detected
$type, # $type
$source_type, # $source_type
$source, # $source
$target_proto, # $target_proto
$target_port, # $target_port
$attack_scale, # $attack_scale
$note, # $note
$priority, # $priority
$timeout, # $timeout
);
WardenClientSend::saveNewEvent($warden_path, \@event);
#foreach (@event) {
# print "$_\n";
#}