void Service_ClientIpAddressSoftLocked(object sender, EventArgs e) { ClientOperationInformation op = (ClientOperationInformation)sender; IntrusionLog.AddEntry(DateTime.Now, op.AgentId, op.IpAddress, IntrusionLog.STATUS_SOFT_LOCKED, false); SendInfoMail(sender, LockType.SoftLock); }
void OnClientIpAddressSoftLocked(Lock lockItem, Exception ex, Guid agentId) { if (this.ClientIpAddressSoftLocked != null) { ClientOperationInformation co = GetClientOperationInformation(lockItem.IpAddress, ex, "soft"); co.AgentId = agentId; ClientIpAddressSoftLocked(co, EventArgs.Empty); } }
void Service_ClientIpAddressUnlocked(object sender, EventArgs e) { ClientOperationInformation op = (ClientOperationInformation)sender; if (op.HasError) { IntrusionLog.AddEntry(DateTime.Now, IntrusionLog.GetSystemId(), op.IpAddress, IntrusionLog.STATUS_UNLOCK_ERROR, false); } else { IntrusionLog.AddEntry(DateTime.Now, IntrusionLog.GetSystemId(), op.IpAddress, IntrusionLog.STATUS_UNLOCKED, false); } SendInfoMail(sender, LockType.None); }
void SendInfoMail(object o, LockType lockOperation) { //if (!Configuration.Instance.IntrusionDetectionConfiguration.SendInfoMail) return; //if (!IddsConfig.Instance.SendInfoMail) return; if (o == null || !(o is ClientOperationInformation)) { return; } ClientOperationInformation op = (ClientOperationInformation)o; try { string subject = string.Empty; switch (lockOperation) { case LockType.None: if (!NotificationSettings.Instance.OnUnlock) { return; } subject = "Cyberarms IDDS: Unlock notification (" + op.IpAddress + ")"; break; case LockType.SoftLock: if (!NotificationSettings.Instance.OnSoftLock) { return; } subject = "Cyberarms IDDS: Soft lock notification (" + op.IpAddress + ")"; break; case LockType.HardLock: if (!NotificationSettings.Instance.OnHardLock) { return; } subject = "Cyberarms IDDS: Hard lock notification (" + op.IpAddress + ")"; break; } SendMail(subject, op.Message); } catch (Exception ex) { WindowsLogManager.Instance.WriteEntry("Error while sending notification email.\r\n" + ex.Message, EventLogEntryType.Error, Globals.CYBERARMS_EVENT_ID_INVALID_FUNCTION_CALL, Globals.CYBERARMS_LOG_CATEGORY_PLUGIN); } }
private ClientOperationInformation GetClientOperationInformation(string ipAddress, Exception ex, string info) { ClientOperationInformation op = new ClientOperationInformation(); op.IpAddress = ipAddress; op.Exception = ex; if (ex != null) { op.HasError = true; op.Message = "Error while trying to " + info + " lock client with IP address " + ipAddress + ":\r\n" + ex.Message; } else { op.Message = "Client with IP address " + ipAddress + " was " + info + " locked"; } return(op); }
void OnClientIpAddressUnlocked(Lock lockItem, Exception ex) { if (ClientIpAddressUnlocked != null) { ClientOperationInformation op = new ClientOperationInformation(); op.IpAddress = lockItem.IpAddress; op.Exception = ex; op.AgentId = IntrusionLog.GetSystemId(); if (ex != null) { op.HasError = true; op.Message = "Error while unlocking " + lockItem.IpAddress + ":\r\n" + ex.Message; } else { op.Message = "Client with IP address " + lockItem.IpAddress + " was unlocked"; } ClientIpAddressUnlocked(op, EventArgs.Empty); } }