internal static void AddWhiteListing(HttpContext current)
{
string currUrl = current.Request.Url.ToString();
string basePath = currUrl.Substring(0, currUrl.IndexOf(current.Request.Url.Host) + current.Request.Url.Host.Length);
// Set up proxy.
BasicHttpBinding binding = new BasicHttpBinding();
binding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;
EndpointAddress endpoint = new EndpointAddress(basePath + "/_vti_bin/SharePresence/GateKeeperService.svc");
GateKeeperService.GateKeeperServiceClient service = new GateKeeperService.GateKeeperServiceClient(binding, endpoint);
service.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
string Referrer = current.Request.UrlReferrer == null ? string.Empty : current.Request.UrlReferrer.AbsoluteUri;
string UserAgent = current.Request.UserAgent == null ? string.Empty : current.Request.UserAgent;
service.GateKeeper(GateKeeperService.GateKeeperType.White, GateKeeperService.GateKeeperListing.GateKeeper_IPAddress, current.Request.UserHostAddress.ToString());
if (!string.IsNullOrEmpty(Referrer))
{
service.GateKeeper(GateKeeperService.GateKeeperType.White, GateKeeperService.GateKeeperListing.GateKeeper_Url, Referrer);
}
if (!string.IsNullOrEmpty(UserAgent))
{
service.GateKeeper(GateKeeperService.GateKeeperType.White, GateKeeperService.GateKeeperListing.GateKeeper_Useragent, UserAgent);
}
}
protected void btnAdd_Click(object sender, EventArgs e)
{
if (string.IsNullOrEmpty(txtUrl.Text))
{
return;
}
string currUrl = Request.Url.ToString();
string basePath = currUrl.Substring(0, currUrl.IndexOf(Request.Url.Host) + Request.Url.Host.Length);
// Set up proxy.
BasicHttpBinding binding = new BasicHttpBinding();
binding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;
EndpointAddress endpoint = new EndpointAddress(basePath + "/_vti_bin/SharePresence/GateKeeperService.svc");
GateKeeperService.GateKeeperServiceClient service = new GateKeeperService.GateKeeperServiceClient(binding, endpoint);
service.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
service.GateKeeper(GateKeeperService.GateKeeperType.White, GateKeeperService.GateKeeperListing.GateKeeper_Url, txtUrl.Text);
Response.Redirect(Request.RawUrl, true);
}
internal static void AddHttp(HttpContext current, int threatscore, int visitortype, int lastactivity)
{
string currUrl = current.Request.Url.ToString();
string basePath = currUrl.Substring(0, currUrl.IndexOf(current.Request.Url.Host) + current.Request.Url.Host.Length);
// Set up proxy.
BasicHttpBinding binding = new BasicHttpBinding();
binding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;
EndpointAddress endpoint = new EndpointAddress(basePath + "/_vti_bin/SharePresence/GateKeeperService.svc");
GateKeeperService.GateKeeperServiceClient service = new GateKeeperService.GateKeeperServiceClient(binding, endpoint);
service.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
string Referrer = current.Request.UrlReferrer == null ? string.Empty : current.Request.UrlReferrer.AbsoluteUri;
string UserAgent = current.Request.UserAgent == null ? string.Empty : current.Request.UserAgent;
string LastActivity = string.Format("{0} [{1}]", getLastActivity(lastactivity), lastactivity);
string ThreatLevel = string.Format("{0} [{1}]", getThreatLevel(threatscore), threatscore);
string VisitorType = string.Format("{0} [{1}]", getVisitorType(visitortype), visitortype);
service.HTTP(current.Request.UserHostAddress.ToString(), LastActivity, Referrer, ThreatLevel, UserAgent, VisitorType);
// execute eventHandler
onAddedEntry(current);
}
public static Boolean OnWhiteList(HttpContext current)
{
onBegin_Check(current);
// Using try catch in order to ensure eventhandler executes
try
{
// Check if request is for contact page url specified in config file
if (!string.IsNullOrEmpty(GateKeeperModule.config.ContactFormUrl) &&
Regex.IsMatch(current.Request.Url.AbsolutePath, GateKeeperModule.config.ContactFormUrl, RegexOptions.IgnoreCase))
{
//GateKeeperModule.log.Debug("Request for ContactPage - let them pass");
return(true);
}
if (current.Request.Url.AbsolutePath.Contains("GateKeeperService.svc"))
{
return(true);
}
string currUrl = current.Request.Url.ToString();
string basePath = currUrl.Substring(0, currUrl.IndexOf(current.Request.Url.Host) + current.Request.Url.Host.Length);
// Set up proxy.
BasicHttpBinding binding = new BasicHttpBinding();
binding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;
EndpointAddress endpoint = new EndpointAddress(basePath + "/_vti_bin/SharePresence/GateKeeperService.svc");
GateKeeperService.GateKeeperServiceClient service = new GateKeeperService.GateKeeperServiceClient(binding, endpoint);
service.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
if (service.HasListing(GateKeeperService.GateKeeperType.White, GateKeeperService.GateKeeperListing.GateKeeper_IPAddress, current.Request.UserHostAddress))
{
return(true);
}
if (service.HasListing(GateKeeperService.GateKeeperType.White, GateKeeperService.GateKeeperListing.GateKeeper_Useragent, current.Request.UserAgent))
{
return(true);
}
if (service.HasListing(GateKeeperService.GateKeeperType.White, GateKeeperService.GateKeeperListing.GateKeeper_Url, current.Request.Url.AbsoluteUri))
{
return(true);
}
// Request did not match any of the whitelist checks
return(false);
}
catch (Exception ex)
{
ex.ToString();
}
finally
{ onEnd_Check(current); }
return(false);
}
internal static void AddWhiteListing(HttpContext current, GateKeeperService.GateKeeperListing listing, string value)
{
string currUrl = current.Request.Url.ToString();
string basePath = currUrl.Substring(0, currUrl.IndexOf(current.Request.Url.Host) + current.Request.Url.Host.Length);
// Set up proxy.
BasicHttpBinding binding = new BasicHttpBinding();
binding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;
EndpointAddress endpoint = new EndpointAddress(basePath + "/_vti_bin/SharePresence/GateKeeperService.svc");
GateKeeperService.GateKeeperServiceClient service = new GateKeeperService.GateKeeperServiceClient(binding, endpoint);
service.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
service.GateKeeper(GateKeeperService.GateKeeperType.White, listing, value);
}
public static Boolean IsHoney(HttpContext current)
{
//GateKeeperModule.log.Debug("Entering isHoneyPotVoilator");
if (!honeypotUrl.IsMatch(current.Request.Url.AbsolutePath))
{
//GateKeeperModule.log.Debug("Honeypot url path was not found in the request path");
return(false);
}
if (GateKeeperModule.config.EnableHoneyPotLogging)
{
//GateKeeperModule.log.Debug("Adding violator into HoneyPot log");
AddHoneyPot(current);
}
// Add new entry in the ipaddress deny list
if (GateKeeperModule.config.PersistHoneyPotDeny)
{
string currUrl = current.Request.Url.ToString();
string basePath = currUrl.Substring(0, currUrl.IndexOf(current.Request.Url.Host) + current.Request.Url.Host.Length);
// Set up proxy.
BasicHttpBinding binding = new BasicHttpBinding();
binding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;
EndpointAddress endpoint = new EndpointAddress(basePath + "/_vti_bin/SharePresence/GateKeeperService.svc");
GateKeeperService.GateKeeperServiceClient service = new GateKeeperService.GateKeeperServiceClient(binding, endpoint);
service.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
service.GateKeeper(GateKeeperService.GateKeeperType.Black, GateKeeperService.GateKeeperListing.GateKeeper_IPAddress, current.Request.UserHostAddress.ToString());
}
// if NotifyAdmin is enabled then send an email
if (GateKeeperModule.config.NotifyAdmin)
{
Smtp.SendNotification(current);
}
onViolation(current);
//GateKeeperModule.log.Debug("Leaving isHoneyPotVoilator");
return(true);
}
internal static void AddHoneyPot(HttpContext current)
{
string currUrl = current.Request.Url.ToString();
string basePath = currUrl.Substring(0, currUrl.IndexOf(current.Request.Url.Host) + current.Request.Url.Host.Length);
// Set up proxy.
BasicHttpBinding binding = new BasicHttpBinding();
binding.Security.Mode = BasicHttpSecurityMode.TransportCredentialOnly;
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Ntlm;
EndpointAddress endpoint = new EndpointAddress(basePath + "/_vti_bin/SharePresence/GateKeeperService.svc");
GateKeeperService.GateKeeperServiceClient service = new GateKeeperService.GateKeeperServiceClient(binding, endpoint);
service.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;
string Referrer = current.Request.UrlReferrer == null ? string.Empty : current.Request.UrlReferrer.AbsoluteUri;
string UserAgent = current.Request.UserAgent == null ? string.Empty : current.Request.UserAgent;
service.HoneyPot(current.Request.UserHostAddress.ToString(), Referrer, UserAgent);
// execute eventHandler
onAddedEntry(current);
}