guillaume
/
project_honeypot
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity
A ruby wrapper for the Project Honeypot's DNS API (forked from https://github.com/cmaxw/project-honeypot )
10 Commits
1 Branch
3 Tags
31 KiB
Ruby 100%
 
Go to file
Guillaume DOTT 3f93bf1fa2 Add configuration class and modify lookup to use this configuration 
To configure the module, you can use :
ProjectHoneypot.configure do
  @api_key = 'API_KEY'
end
To access, the variable, use :
ProjectHoneypot.api_key

The lookup method has been modified to be backward compatible
and use the defined api_key if available.
 		2012-12-19 09:31:17 +01:00
lib Add configuration class and modify lookup to use this configuration 2012-12-19 09:31:17 +01:00
spec the gem appears to work now 2010-10-20 23:07:24 -06:00
Gemfile version 0.1.1 2010-10-27 22:13:06 -06:00
Gemfile.lock the gem appears to work now 2010-10-20 23:07:24 -06:00
MIT-LICENSE include base files. MIT License. Create gemspec 2010-10-20 13:32:24 -06:00
README.rdoc added todos to readme file 2010-10-27 22:23:43 -06:00
project-honeypot-0.1.1.gem version 0.1.1 2010-10-27 22:13:06 -06:00
project-honeypot.gemspec version 0.1.1 2010-10-27 22:13:06 -06:00

README.rdoc 

= Project Honeypot

Project Honeypot is a programmatic interface to the Project Honeypot HTTP:BL service for identifying suspicious ip addresses.
This Gem was built to filter out spammers on http://www.tweetburner.com.

It is a handy thing to be able to identify spammers, harvesters, and other suspicious IP addresses if you're worried about who might be abusing your service.

= Requirements

This Gem requires that you have an Http:BL API key from Project Honeypot. You can get one at http://projecthhoneypot.org

= Usage

HTTP:BL lookups through Project Honeypot result in a Url object that gives you the risk score, last activity, and types of offenses the ip address is listed for.

The score is worse the higher it is and the last_activity is in days.

== Example #1: Suspicious IP Address

Given an api key of "abcdefghijkl"

  @listing = ProjectHoneypot.lookup("abcdefghijkl", "192.168.1.1")
  @listing.safe?
  # => false

  @listing.ip_address
  # => "192.168.1.1"

  @listing.score
  # => 63

  @listing.last_activity
  # => 1

  @listing.offenses
  # => [:comment_spammer, :suspicious]

  @listing.comment_spammer?
  # => true

  @listing.suspicious?
  # => true

  @listing.harvester?
  # => false

== Example #2: Safe IP Address

  @listing = ProjectHoneypot.lookup("abcdefghijkl", "192.168.1.1")
  @listing.safe?
  # => true

  @listing.ip_address
  # => "192.168.1.1"

  @listing.score
  # => 0

  @listing.last_activity
  # => nil

  @listing.offenses
  # => []

  @listing.comment_spammer?
  # => false

  @listing.suspicious?
  # => false

  @listing.harvester?
  # => false

= To Do Items

- Cache Responses from Project Honeypot
- Allow 'safe?' to be configurable (algorithm based on recency and severity(score))
- A .yml config file