/// <summary> /// Lookup an IP address on Project Honey Pot. /// </summary> /// <param name="address">IP address to query for</param> /// <returns>The response from Project Honey Pot. Null probably means the address is clean.</returns> //public static BlackListResponse LookupAddress(IPAddress address) //{ // if (address == null) throw new ArgumentException("IP address cannot be null."); // byte[] ipBytes = address.GetAddressBytes(); // IPAddress[] result = null; // try // { // result = Dns.GetHostAddresses(string.Format("{0}.{1}.{2}.{3}.{4}.dnsbl.httpbl.org", BlackListResponse.AccessKey, ipBytes[3], ipBytes[2], ipBytes[1], ipBytes[0])); // } // catch (System.Net.Sockets.SocketException ex) // { // //Assume it was a valid address, therefore return nothing. // return null; // } // if (result.Length == 0) return null; // return new BlackListResponse(result[0]); //} /// <summary> /// Lookup an IP address on Project Honey Pot. /// </summary> /// <param name="address">IP address to query for</param> /// <returns>The response from Project Honey Pot. Null probably means the address is clean.</returns> //public static BlackListResponse LookupAddress(string address) //{ // try // { // if (address.Contains(",")) // { // string[] arr = address.Split(','); // address = arr[0]; // } // if (Regex.IsMatch(address, "(?:\\d{1,3}\\.){3}\\d{1,3}")) // return BlackListResponse.LookupAddress(IPAddress.Parse(address)); // else // return null; // } // catch // { // return null; // } //} /// <summary> /// Returns the last response, if available. /// </summary> /// <returns>BlackList response object</returns> public static BlacklistResponse GetLastBlacklistResponse() { System.Web.HttpContext context = System.Web.HttpContext.Current; BlacklistResponse ret = null; if (context.Request.QueryString["a"] != null && context.Request.QueryString["i"] != null) { ret = new BlacklistResponse(); ret.Init(IPAddress.Parse(context.Request.QueryString["a"])); ret._Address = IPAddress.Parse(context.Request.QueryString["i"]); //ret._LastActivity = new TimeSpan(int.Parse(context.Request.QueryString["la"]), 0, 0, 0); //ret._ThreatScore = int.Parse(context.Request.QueryString["ts"]); //ret._Type = (VistorType)int.Parse(context.Request.QueryString["t"]); //ret._Address = IPAddress.Parse(context.Request.QueryString["a"]); } return(ret); }
void context_BeginRequest(object source, EventArgs e) { HttpApplication app = (HttpApplication)source; if (app.Request.Url.AbsolutePath == BlacklistConfig.GetConfig().BlockedUrl) { return; } if (BlacklistResponse.HasCookie()) { return; } BlacklistResponse response = null; if (BlacklistConfig.GetConfig().TestMode) { response = BlacklistResponse.Test(); } else { response = new BlacklistResponse(app.Request.ServerVariables[BlacklistConfig.GetConfig().IPHeader]); } if (response.VisitorType == VisitorTypes.Unknown) { return; } if (BlacklistConfig.GetConfig().IgnoreSearchEngines&& response.VisitorType == VisitorTypes.SearchEngine) { return; } if (response.ThreatScore <= BlacklistConfig.GetConfig().Threshold) { return; } app.Response.Redirect(BlacklistConfig.GetConfig().BlockedUrl + response.ToQueryString() + "&l=" + app.Request.Url.ToString()); }