e50eac31b2
This commit introduces substantial enhancements to both the NetworkingGenie class and the Utilities module, focusing on the secure usage of sudo permissions, improved error handling, and the creation of new sudo methods. 1. Secure Sudo Usage: The `use_sudo` method from the Utilities module is now integrated within the `find_main_interface`, `create_dummy_interface`, and `setup_traffic_mirroring` methods of the NetworkingGenie class. This method ensures that commands requiring sudo permissions are executed securely. It achieves this by encrypting the sudo password, using it for the required command, and then immediately clearing it from memory. This approach significantly enhances the security of operations that require elevated permissions. 2. New Sudo Methods in Utilities Module: This commit introduces several new methods in the Utilities module to handle sudo operations securely. The `ask_for_sudo`, `test_sudo`, `deescalate_sudo`, and `use_sudo` methods have been created. These methods handle the secure acquisition, testing, de-escalation, and usage of sudo permissions, respectively. They ensure that sudo operations are performed securely and efficiently, with the sudo password being encrypted and cleared from memory immediately after use. 3. Improved Error Handling: The error handling within the `setup_traffic_mirroring` method has been refined. Now, when an exception is raised during the execution of a command, the error message is not only logged using the LoggMan logger but also an alert is enqueued into the AlertQueueManager. This dual approach ensures that errors are properly logged for debugging purposes and also communicated to the user in real-time. 4. AlertQueueManager Integration: The `initialize` method of NetworkingGenie has been updated to accept an `alert_queue_manager` parameter. This allows the NetworkingGenie class to enqueue alerts directly into the AlertQueueManager, thereby improving the communication of errors and important information to the user. 5. Dummy Interface Creation: The `create_dummy_interface` method now checks if the dummy interface already exists before attempting to create it. This prevents unnecessary system calls and potential errors. These modifications significantly contribute to the overall security and reliability of the NETRAVE system. They ensure that network setup and traffic mirroring operations are performed securely and efficiently, with clear and immediate communication of any issues that may occur. |
||
|---|---|---|
| .github/ISSUE_TEMPLATE | ||
| bin | ||
| Glade | ||
| lib | ||
| Modules | ||
| TUI | ||
| .gitignore | ||
| .ruby-version | ||
| CODE_OF_CONDUCT.md | ||
| CONTRIBUTING.md | ||
| LICENSE | ||
| README.md | ||
| SECURITY.md | ||
| TODO.md | ||
NETRAVE: Network Environment for Threat Response and Advanced Vulnerability Extermination
Come chat with us on
Table of Contents
- Introduction
- About NETRAVE
- About the Developer
- Technical Overview
- Modular Design
- Contributing
- Contact
- Conclusion
Introduction
Welcome to NETRAVE, a cybersecurity solution designed to provide a high level of security, vigilance, and response to threats, ensuring that network environments remain secure and resilient. This README provides a comprehensive overview of the software, its purpose, functions, objectives, and unique methods of handling issues/challenges.
About NETRAVE
NETRAVE is an acronym for Network Environment for Threat Response and Advanced Vulnerability Extermination. It is a modular cybersecurity software that aims to provide a high level of security, vigilance, and response to threats, ensuring that network environments remain secure and resilient.
About the Developer
Connor Crawford, also known as Vetheon, is currently the only developer behind NETRAVE. With over 8 years of experience in the private sector, Connor has a wealth of knowledge and expertise in software development, particularly in the realm of cybersecurity. Recognizing the need for more transparency and open-source solutions in cybersecurity, he began producing open-source software, with NETRAVE being one of his first flagship projects and his first ever large project written in Ruby.
Technical Overview
NETRAVE is designed with a modular architecture, which allows for easy customization, upgrades, and maintenance. Each module in NETRAVE is designed to perform a specific function, and they can work independently or in harmony, depending on the needs of the user.
The software is built using Ruby, a high-level, interpreted programming language that emphasizes simplicity and productivity. Ruby's dynamic typing and object-oriented design make it an ideal choice for a modular system like NETRAVE.
Modular Design
The modular design of NETRAVE is one of its key features. Each module is designed to perform a specific function, and they can work independently or in harmony, depending on the needs of the user. This design allows for easy customization, upgrades, and maintenance.
The modular design also allows for easy expansion. New modules can be added to the system as needed, providing additional functionality without disrupting the existing system. This flexibility makes NETRAVE a scalable solution that can adapt to the changing needs of a network environment.
Contributing
NETRAVE is an open-source project, and contributions are welcome. If you're interested in contributing, please fork the repository and make your changes. Once you're done, submit a pull request. All contributions, no matter how small, are greatly appreciated.
If you're looking for something to do, you can have a look in our TODO List
Contact
Connor is always open to receiving questions. If you have any questions, suggestions, or just want to say hi, you can reach him at vetheon@pixelatedstudios.net or on discord via VetheonGames#0001.
Conclusion
NETRAVE is a robust, modular cybersecurity solution that provides a high level of security, vigilance, and response to threats. Its open-source nature and modular design make it a flexible and adaptable solution that can meet the changing needs of any network environment. Whether you're a network administrator looking for a comprehensive security solution, or a developer interested in contributing to an open-source project, NETRAVE has something to offer you.