281d5f6ebf
This commit introduces several significant changes to improve the security and configuration management of the application.
Encryption of Sensitive Data: We've introduced encryption for sensitive data such as database passwords. This is done using the Blowfish algorithm. The encryption and decryption methods are added to the Utilities module. The encryption is applied when the user enters their database password during the first run setup. The encrypted password is then stored in the .env file. When the application needs to use the password, it is decrypted using the key that was generated during encryption.
Switch from YAML to .env for Configuration Storage: The application now uses a .env file for storing configuration data instead of a YAML file. This change was made to take advantage of the .env file's ability to store environment variables, which can be easily accessed by the application. The .env file stores the database username, encrypted password, encryption key, and database name.
First Run Setup Changes: The FirstRunInit class has been updated to ask the user for their database details, encrypt the password, and store these details in the .env file. It also checks if any of the necessary details are missing and runs the first run setup if they are.
Database Connection Testing: The DatabaseManager class now decrypts the password before using it to test the database connection. It also checks if the password or key are nil before attempting to decrypt the password.
Logging: A new LoggMan class has been added to handle logging. This class provides a simple method for logging messages, which can be used throughout the application to log errors or other important information.
Bug Fixes and Error Handling: Several bugs were fixed and error handling was improved. For example, a bug that caused the application to crash if the .env file was missing has been fixed. Also, the application now checks if the .env file exists and creates it if it doesn't.
These changes significantly improve the security, reliability, and usability of the application.
|
||
|---|---|---|
| .github/ISSUE_TEMPLATE | ||
| bin | ||
| Glade | ||
| lib | ||
| Modules | ||
| TUI | ||
| .gitignore | ||
| .ruby-version | ||
| CODE_OF_CONDUCT.md | ||
| CONTRIBUTING.md | ||
| LICENSE | ||
| README.md | ||
| SECURITY.md | ||
| TODO.md | ||
NETRAVE: Network Environment for Threat Response and Advanced Vulnerability Extermination
Come chat with us on
Table of Contents
- Introduction
- About NETRAVE
- About the Developer
- Technical Overview
- Modular Design
- Contributing
- Contact
- Conclusion
Introduction
Welcome to NETRAVE, a cybersecurity solution designed to provide a high level of security, vigilance, and response to threats, ensuring that network environments remain secure and resilient. This README provides a comprehensive overview of the software, its purpose, functions, objectives, and unique methods of handling issues/challenges.
About NETRAVE
NETRAVE is an acronym for Network Environment for Threat Response and Advanced Vulnerability Extermination. It is a modular cybersecurity software that aims to provide a high level of security, vigilance, and response to threats, ensuring that network environments remain secure and resilient.
About the Developer
Connor Crawford, also known as Vetheon, is currently the only developer behind NETRAVE. With over 8 years of experience in the private sector, Connor has a wealth of knowledge and expertise in software development, particularly in the realm of cybersecurity. Recognizing the need for more transparency and open-source solutions in cybersecurity, he began producing open-source software, with NETRAVE being one of his first flagship projects and his first ever large project written in Ruby.
Technical Overview
NETRAVE is designed with a modular architecture, which allows for easy customization, upgrades, and maintenance. Each module in NETRAVE is designed to perform a specific function, and they can work independently or in harmony, depending on the needs of the user.
The software is built using Ruby, a high-level, interpreted programming language that emphasizes simplicity and productivity. Ruby's dynamic typing and object-oriented design make it an ideal choice for a modular system like NETRAVE.
Modular Design
The modular design of NETRAVE is one of its key features. Each module is designed to perform a specific function, and they can work independently or in harmony, depending on the needs of the user. This design allows for easy customization, upgrades, and maintenance.
The modular design also allows for easy expansion. New modules can be added to the system as needed, providing additional functionality without disrupting the existing system. This flexibility makes NETRAVE a scalable solution that can adapt to the changing needs of a network environment.
Contributing
NETRAVE is an open-source project, and contributions are welcome. If you're interested in contributing, please fork the repository and make your changes. Once you're done, submit a pull request. All contributions, no matter how small, are greatly appreciated.
If you're looking for something to do, you can have a look in our TODO List
Contact
Connor is always open to receiving questions. If you have any questions, suggestions, or just want to say hi, you can reach him at vetheon@pixelatedstudios.net or on discord via VetheonGames#0001.
Conclusion
NETRAVE is a robust, modular cybersecurity solution that provides a high level of security, vigilance, and response to threats. Its open-source nature and modular design make it a flexible and adaptable solution that can meet the changing needs of any network environment. Whether you're a network administrator looking for a comprehensive security solution, or a developer interested in contributing to an open-source project, NETRAVE has something to offer you.