##Brisket
###About
The primary purpose of this application is to scan, store, and prepare Cloud Server Provider (CSP) guest/instance/host data for further statistical and trend analysis.
Description
See the position paper for a sneak peak into what this project was created for.
Scanner Placement
Scanners are hosted in several North American, European, and Asia/Pacific countries (blue). The main analysis server (a.k.a. CloudCooker) is located in the US (black).
bundle install to install the gems listed in the Gemfile.
###Usage ####trim.rb Cooking Note: You must trim the brisket before adding the rub to it.
Used to prepare the scan configuration file with the appropriate set of ports for the scan.
$ sudo ./trim.rb ports masscan
Where ports is one of the following options:
- remote - common remote access server ports
- apps - common application server ports
- www - common web server ports
- mail - common mail ports
- ms - common Microsoft ports
- db - common database ports
- special - special ports for selective scanning
- all - all of the above ports
e.g.
$ sudo ./trim.rb remote masscan
####rub.rb Cooking Note: Once trimmed, the brisket must be seasoned.
Used to call the scanner and export the results in the appropriate results date directory and file.
$ sudo ./rub.rb region scanner
Where region is one of the following options:
- apac
- europe
- us_east
- us_west
- us_all
- south_america
- all
and where scanner is one of the following options:
- masscan - the masscan scanner
- nmap - the nmap scanner
- nmap_virtual - the nmap scanner with configurations for virtual interfaces
- zmap - the zmap scanner
e.g.
$ sudo ./rub.rb apac masscan
####mop.rb Keep it moist if you want to win!
Script to convert the various results formats into a common .csv file format.
$ sudo ./mop.rb scanner date
Where scanner is one of the following options:
- masscan - the masscan scanner
- nmap - the nmap scanner
- zmap - the zmap scanner
and where date is the date directory that contains the scanner results files to convert in M/D/YYYY format.
e.g.
$ sudo ./mop.rb masscan 2/3/2014
Note - For March 2, 2014 the directory structure would be 2014/3/2 and should be entered as 2/3/2014.
####injector.rb Add marinade to the brisket to keep it moist on the inside...
Script to archive, transfer, and cleanup scan data. All scanner results are archived using tar and bzip2. The daily archive file is transferred to the CloudCooker for futher processing. Local scan results and the daily archive are deleted upon transmission to the CloudCooker.
$ sudo ./injector.rb
####fixins.rb Cooking Note: It just ain't a BBQ without some proper fixins to make the meal complete.
This script downloads and unpacks the most recent GeoLiteCity database file for use in converting IP addresses to latitude and longitude data.
$ sudo ./fixins.rb city
###Contact
To provide any feedback or ask any questions please reach out to Andrew Hay on Twitter at @andrewsmhay or CloudPassage at @cloudpassage.
###About CloudPassage CloudPassage is the leading cloud infrastructure security company and creator of Halo, the industry's first and only security and compliance platform purpose-built for elastic cloud environments. Halo's patented architecture operates seamlessly across any mix of software-defined data center, public cloud, and even hardware infrastructure. Industry-leading enterprises including multiple trust Halo to protect their cloud and software-defined datacenter environments. Headquartered in San Francisco, CA, CloudPassage is backed by Benchmark Capital, Tenaya Capital, Shasta Ventures, and other leading investors. For more information, please visit http://www.cloudpassage.com.
CloudPassage® and Halo® are registered trademarks of CloudPassage, Inc.
React
Typescript
Django
Laravel
Facebook
Microsoft
Google
Alibaba
D3
Tencent