private List <XML_Node> black_list = null;   // In-memory copy of the black list. TODO (Dunja): should this be initialised in the class constructor?

        /// <summary>
        /// Loads the black list through <c>XML_Worker</c>; when the read returns null an error is
        /// printed and the in-memory list starts out empty.
        /// </summary>
        public XML_Provider()
        {
            black_list = XML_Worker.Instance().XML_Read();
            if (black_list != null)
            {
                return;
            }

            // Read failed: report it and continue with an empty in-memory list.
            Console.WriteLine("Error while reading Black List from file.");
            black_list = new List<XML_Node>();
        }
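        /// <summary>
        /// Console host entry point: opens the MST and XML service hosts, writes a sample black list,
        /// starts the process-detection thread and closes the hosts again on a key press.
        /// </summary>
        /// <param name="args">Command-line arguments; not used.</param>
        public static void Main(string[] args)
        {
            // Wait for Enter before anything is started.
            Console.ReadLine();

            MST_Server server_MST = new MST_Server();
            server_MST.Open();

            XML_Server server_XML = new XML_Server();
            server_XML.Open();

            // **********************************************************************************
            // NOTE(review): test scaffolding. These three sample entries are written on every
            // start; if XML_Write replaces the stored file (not visible here - confirm), any
            // black list configured earlier is lost at each launch. Remove before real use.
            List<XML_Node> lista = new List<XML_Node>
            {
                new XML_Node("user1", "*", "notepad"),
                new XML_Node("user2", "*", "chrome"),
                new XML_Node("*", "Group5", "GitHubDesktop"),
            };

            XML_Worker.Instance().XML_Write(lista);                        // write call

            // Read-back call; the xml file is located in the debug folder.
            List<XML_Node> lista2 = XML_Worker.Instance().XML_Read();

            //foreach (XML_Node n in lista2)
            //{
            //    Console.WriteLine(n.UserId + " " + n.UserGroup + " " + n.ProcessName);
            //}

            // **********************************************************************************

            ThreadFunction tf = new ThreadFunction();
            Thread t = new Thread(tf.DetectProcesses);

            // Run detection as a background thread. As a foreground thread it would keep the
            // process alive after Main returns (assuming DetectProcesses never returns), so
            // "Press any key to exit..." would not actually exit.
            t.IsBackground = true;
            t.Start();

            Console.WriteLine("Press any key to close all hosts...");
            Console.ReadKey();

            // Close both service hosts.
            server_MST.Close();
            server_XML.Close();

            Console.WriteLine("Press any key to exit...");
            Console.ReadKey();
        }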
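        /// <summary>
        /// Removes every black-list entry whose user id, group and process name all equal the
        /// given values, then writes the updated list back through <c>XML_Worker</c>.
        /// </summary>
        /// <param name="userID">Value compared with <c>XML_Node.UserId</c>.</param>
        /// <param name="groupID">Value compared with <c>XML_Node.UserGroup</c>.</param>
        /// <param name="processName">Value compared with <c>XML_Node.ProcessName</c>.</param>
        public void LiftUserInGroupBan(string userID, string groupID, string processName)
        {
            black_list = XML_Worker.Instance().XML_Read();
            if (black_list == null)
            {
                Console.WriteLine("Error while reading Black List from file.");
                black_list = new List<XML_Node>();

                // Nothing was loaded, so there is nothing to remove. Writing the empty fallback
                // list would presumably replace the stored black list, turning a failed read
                // into the removal of every ban - so the write is skipped.
                return;
            }

            black_list.RemoveAll(n => (n.UserId == userID) && (n.UserGroup == groupID) && (n.ProcessName == processName));

            XML_Worker.Instance().XML_Write(black_list);
        }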
        /// <summary>
        /// Adds a black-list entry for <paramref name="processName"/> with "*" as both user id
        /// and group, then writes the list back through <c>XML_Worker</c>.
        /// </summary>
        /// <param name="processName">Process name stored in the new entry.</param>
        public void ForbidProcess(string processName)
        {
            black_list = XML_Worker.Instance().XML_Read();
            if (black_list == null)
            {
                // NOTE(review): after a failed read the list written below holds only the new
                // entry; if the file existed but could not be read, the stored entries would
                // presumably be replaced - confirm how XML_Read reports a missing file.
                Console.WriteLine("Error while reading Black List from file.");
                black_list = new List<XML_Node>();
            }

            black_list.Add(new XML_Node("*", "*", processName));

            XML_Worker.Instance().XML_Write(black_list);
        }
        /// <summary>
        /// Adds a black-list entry for the given user, group and process name, then writes the
        /// list back through <c>XML_Worker</c>.
        /// </summary>
        /// <param name="userID">User id stored in the new entry.</param>
        /// <param name="groupID">Group stored in the new entry.</param>
        /// <param name="processName">Process name stored in the new entry.</param>
        public void BanUserInGroup(string userID, string groupID, string processName)
        {
            black_list = XML_Worker.Instance().XML_Read();
            if (black_list == null)
            {
                // NOTE(review): after a failed read the list written below holds only the new
                // entry; if the file existed but could not be read, the stored entries would
                // presumably be replaced - confirm how XML_Read reports a missing file.
                Console.WriteLine("Error while reading Black List from file.");
                black_list = new List<XML_Node>();
            }

            black_list.Add(new XML_Node(userID, groupID, processName));

            XML_Worker.Instance().XML_Write(black_list);
        }
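        /// <summary>
        /// Monitoring loop: every 10 seconds lists the running processes, prints each one with
        /// its owner, and calls <c>MalwareDetection</c> for every process whose name equals the
        /// process name of a black-list entry.
        /// </summary>
        /// <remarks>
        /// The loop has no exit condition. NOTE(review): <c>Process.ProcessName</c> can throw
        /// when a process exits between enumeration and the read; an unhandled exception here
        /// would end the monitoring - consider guarding each process individually.
        /// </remarks>
        public void DetectProcesses()
        {
            // Not used yet; prepared for the TODO below (reporting to the IPS service).
            // TODO: the endpoint will not stay on localhost.
            NetTcpBinding   binding = new NetTcpBinding();
            EndpointAddress address = new EndpointAddress("net.tcp://localhost:9001/ISP_Service");

            while (true)
            {
                Process[] processlist = Process.GetProcesses(Environment.MachineName);

                // Load the black list once per scan rather than once per process.
                // The xml file is located in the debug folder.
                List<XML_Node> entries = XML_Worker.Instance().XML_Read();
                if (entries == null)
                {
                    // A failed read previously caused a NullReferenceException in the loop
                    // below. Report it instead; this scan then detects nothing, so the message
                    // must not be ignored.
                    Console.WriteLine("Error while reading Black List from file.");
                    entries = new List<XML_Node>();
                }

                foreach (Process theprocess in processlist)
                {
                    // Resolve the owner once; it is needed for the log line and every entry.
                    var owner = GetProcessOwner(theprocess.Id);

                    Console.WriteLine("Process: {0}, process user: {1}", theprocess.ProcessName, owner);

                    // TODO: build the packet for the IPS describing the forbidden 'processName - user' combination

                    foreach (XML_Node n in entries)
                    {
                        if (theprocess.ProcessName != n.ProcessName)
                        {
                            continue;
                        }

                        bool ownerMatches = owner == (Environment.MachineName + "\\" + n.UserId);
                        bool groupMatches = IsUserInGroup(owner, n.UserGroup) == true;

                        // NOTE(review): all three branches report the process, so the user and
                        // group of an entry currently do not narrow the match - the final else
                        // is also reached when the entry names a user/group the owner does not
                        // match. If scoping is intended, test for the "*" wildcard explicitly.
                        if (ownerMatches && groupMatches)
                        {
                            // CASE: user1, group1
                            MalwareDetection(theprocess);
                        }
                        else if (ownerMatches || groupMatches)
                        {
                            // CASE: user1, *
                            // CASE: * , group1
                            MalwareDetection(theprocess);
                        }
                        else
                        {
                            // CASE: * , *
                            MalwareDetection(theprocess);
                        }
                    }
                }

                Thread.Sleep(10000);
            }
        }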
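        /// <summary>
        /// Removes every black-list entry whose process name equals
        /// <paramref name="processName"/>, whatever its user and group, then writes the updated
        /// list back through <c>XML_Worker</c>.
        /// </summary>
        /// <param name="processName">Value compared with <c>XML_Node.ProcessName</c>.</param>
        public void AllowProcess(string processName)
        {
            black_list = XML_Worker.Instance().XML_Read();
            if (black_list == null)
            {
                Console.WriteLine("Error while reading Black List from file.");
                black_list = new List<XML_Node>();

                // Nothing was loaded, so there is nothing to remove. Writing the empty fallback
                // list would presumably replace the stored black list, turning a failed read
                // into the removal of every ban - so the write is skipped.
                return;
            }

            // RemoveAll is used on purpose: removing items inside a foreach over the same list
            // throws InvalidOperationException.
            black_list.RemoveAll(n => n.ProcessName == processName);

            XML_Worker.Instance().XML_Write(black_list);
        }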
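        /// <summary>
        /// Removes every black-list entry whose group and process name equal the given values,
        /// whatever its user id, then writes the updated list back through <c>XML_Worker</c>.
        /// </summary>
        /// <param name="groupID">Value compared with <c>XML_Node.UserGroup</c>.</param>
        /// <param name="processName">Value compared with <c>XML_Node.ProcessName</c>.</param>
        public void LiftGroupBan(string groupID, string processName)
        {
            black_list = XML_Worker.Instance().XML_Read();
            if (black_list == null)
            {
                Console.WriteLine("Error while reading Black List from file.");
                black_list = new List<XML_Node>();

                // Nothing was loaded, so there is nothing to remove. Writing the empty fallback
                // list would presumably replace the stored black list, turning a failed read
                // into the removal of every ban - so the write is skipped.
                return;
            }

            // RemoveAll is used on purpose: removing items inside a foreach over the same list
            // throws InvalidOperationException.
            black_list.RemoveAll(n => (n.UserGroup == groupID) && (n.ProcessName == processName));

            XML_Worker.Instance().XML_Write(black_list);
        }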