class Risu::Models::Item

Item Model

Public Class Methods

adjective_for_risk_text(risk_percent) click to toggle source

Returns an adjective that represents the given risk_percent

@param risk_percent Calculated percentage of risk based on {Item::calculate_vulnerable_host_percent}

@deprecated @return [String] Textual representation of the risk_percent

# File lib/risu/models/item.rb, line 429
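# Maps a risk percentage onto a one-word rating.
#
# The buckets use end-exclusive ranges so that fractional percentages
# (the percent calculators return Floats) fall into the bucket below the
# next whole boundary instead of dropping through to "poor": 5.5 is
# "excellent", not "poor". Integer inputs rate exactly as before.
#
# @param risk_percent [Numeric] percentage of vulnerable hosts
# @return [String] "excellent", "great", "good", "fair" or "poor"; any
#   value outside 0..20 (including negatives and NaN) rates as "poor"
def adjective_for_risk_text risk_percent
  case risk_percent
  when 0...6 then "excellent"
  when 6...11 then "great"
  when 11...16 then "good"
  when 16..20 then "fair"
  else "poor"
  end
end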
all_risks_unique_sorted() click to toggle source

Queries for all unique risks and sorts them by count

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 768
# Groups all items by plugin_id and orders the groups by their row count,
# largest first. The count is exposed as the count_all column.
#
# @return [ActiveRecord::Relation] with the query results
def all_risks_unique_sorted
  select("items.*")
    .select("count(*) as count_all")
    .group(:plugin_id)
    .order("count_all DESC")
end
calculate_missing_common_patch_host_percent() click to toggle source
# File lib/risu/models/item.rb, line 388
# Percentage of hosts reported by
# Host.unique_hosts_with_common_missing_patches_count, relative to Host.count.
#
# NOTE(review): both operands are converted to Float, so a Host.count of 0
# yields NaN or Infinity instead of raising - confirm callers cope with that.
#
# @return [Float] percentage of hosts
def calculate_missing_common_patch_host_percent
  affected = Host.unique_hosts_with_common_missing_patches_count.to_f
  total = Host.count.to_f
  (affected / total) * 100
end
calculate_overall_host_percent() click to toggle source
# File lib/risu/models/item.rb, line 393
# Percentage of hosts reported by
# Host.uniquie_hosts_with_critical_high_common_count, relative to Host.count.
#
# NOTE(review): the "uniquie" spelling is the name this method calls; it is
# presumably how the Host model declares it - verify before renaming.
# NOTE(review): a Host.count of 0 yields NaN or Infinity (Float division).
#
# @return [Float] percentage of hosts
def calculate_overall_host_percent
  affected = Host.uniquie_hosts_with_critical_high_common_count.to_f
  total = Host.count.to_f
  (affected / total) * 100
end
calculate_vulnerable_host_percent() click to toggle source

Calculates a vulnerable host percent based on Critical and High findings (unique_vuln_crit_high_count / host_count) * 100

@deprecated @return [FixNum] Percentage of vulnerable hosts

# File lib/risu/models/item.rb, line 380
# Percentage of hosts that have a critical or high finding.
#
# The numerator comes from Host.unique_hosts_with_critical_and_high_count;
# an earlier version summed the critical and high host counts separately,
# which counted hosts twice.
#
# NOTE(review): a Host.count of 0 yields NaN or Infinity (Float division).
#
# @deprecated
# @return [Float] percentage of vulnerable hosts
def calculate_vulnerable_host_percent
  vulnerable = Host.unique_hosts_with_critical_and_high_count.to_f
  total = Host.count.to_f
  (vulnerable / total) * 100
end
calculate_vulnerable_host_percent_with_patches_applied() click to toggle source

@TODO w t f @deprecated

# File lib/risu/models/item.rb, line 400
# Percentage of hosts that would still carry a critical or high finding if
# the plugins in the first ten rows of Item.top_10_sorted_raw were excluded.
#
# NOTE(review): a Host.count of 0 yields NaN or Infinity (Float division).
#
# @deprecated
# @return [Float] percentage of hosts
def calculate_vulnerable_host_percent_with_patches_applied
  # Each row is [plugin_id, count]; only the plugin id is needed here.
  exclude_list = Item.top_10_sorted_raw[0..9].map { |risk| risk[0] }

  host_ids = []
  Item.critical_risks.where.not(:plugin_id => exclude_list).each { |item| host_ids << item.host_id }
  Item.high_risks.where.not(:plugin_id => exclude_list).each { |item| host_ids << item.host_id }

  (host_ids.uniq.count.to_f / Host.count.to_f) * 100
end
common_patch_percent_rounded_text() click to toggle source
# File lib/risu/models/item.rb, line 515
# Missing-common-patch host percentage, rounded to a whole number.
#
# @return [String] for example "12%"
def common_patch_percent_rounded_text
  rounded = calculate_missing_common_patch_host_percent.round
  "#{rounded}%"
end
common_patch_percent_text() click to toggle source
# File lib/risu/models/item.rb, line 528
# Missing-common-patch host percentage with two decimal places.
#
# @return [String] for example "12.34%"
def common_patch_percent_text
  format("%.2f%%", calculate_missing_common_patch_host_percent)
end
common_patch_risks() click to toggle source
# File lib/risu/models/item.rb, line 805
# Collects the ids of every item that belongs to a plugin in the
# "Risu Rollup Plugins" family.
#
# @return [Array] item ids, in plugin order
def common_patch_risks
  item_ids = []

  Plugin.where(:family_name => "Risu Rollup Plugins").group(:id).each do |plugin|
    item_ids.concat(Item.where(:plugin_id => plugin.id).to_a.map(&:id))
  end

  item_ids
end
common_patches_order_by_cvss_raw() click to toggle source
# File lib/risu/models/item.rb, line 542
# Counts the items for each plugin in the "Risu Rollup Plugins" family and
# returns the non-zero counts, highest first.
#
# Despite the name, the ordering is by item count; no CVSS score is read.
#
# @return [Hash] plugin id => item count
def common_patches_order_by_cvss_raw
  counts = {}

  Plugin.where(:family_name => "Risu Rollup Plugins").group(:id).each do |plugin|
    counts[plugin.id] = Item.where(:plugin_id => plugin.id).count
  end

  # Plugins with no items are left out of the result.
  counts.select { |_id, count| count > 0 }
        .sort_by { |_id, count| count }
        .reverse
        .to_h
end
common_patches_sorted() click to toggle source
# File lib/risu/models/item.rb, line 712
# Builds [scrubbed plugin name, count] rows from
# common_patches_order_by_cvss_raw, highest count first.
#
# @return [Array<Array>] rows of name and count
def common_patches_sorted
  rows = common_patches_order_by_cvss_raw.map do |plugin_id, count|
    [scrub_plugin_name(Plugin.find_by_id(plugin_id).plugin_name), count]
  end

  rows.sort { |a, b| b[1] <=> a[1] }
end
common_patches_sorted_raw() click to toggle source
# File lib/risu/models/item.rb, line 663
# Builds [plugin_id, count] rows from common_patches_order_by_cvss_raw,
# keeping only positive counts, highest count first.
#
# @return [Array<Array>] rows of plugin id and count
def common_patches_sorted_raw
  rows = common_patches_order_by_cvss_raw
         .select { |_plugin_id, count| count > 0 }
         .map { |plugin_id, count| [plugin_id, count] }

  rows.sort { |a, b| b[1] <=> a[1] }
end
common_patches_table(output) click to toggle source
# File lib/risu/models/item.rb, line 753
# Writes a two-column "Description"/"Count" table holding the first ten rows
# of common_patches_sorted to the given output.
#
# @param output object that responds to bounds and table
def common_patches_table(output)
  column_widths = { 0 => (output.bounds.width - 50), 1 => 50 }
  rows = [["Description", "Count"]] + common_patches_sorted[0..9]

  # The block takes no parameters; row and cells are resolved by the table call.
  output.table(rows, header: true, column_widths: column_widths, width: output.bounds.width) do
    row(0).style(font_style: :bold, background_color: 'cccccc')
    cells.borders = %i[top bottom left right]
  end
end
critical_high_common_risks() click to toggle source
# File lib/risu/models/item.rb, line 820
# Collects item ids from three sources, in this order: items of plugins in
# the "Risu Rollup Plugins" family, Item.critical_risks, Item.high_risks.
# Ids are not de-duplicated.
#
# @return [Array] item ids
def critical_high_common_risks
  item_ids = []

  Plugin.where(:family_name => "Risu Rollup Plugins").group(:id).each do |plugin|
    item_ids.concat(Item.where(:plugin_id => plugin.id).to_a.map(&:id))
  end

  item_ids.concat(Item.critical_risks.to_a.map(&:id))
  item_ids.concat(Item.high_risks.to_a.map(&:id))
  item_ids
end
critical_high_common_risks_count() click to toggle source
# File lib/risu/models/item.rb, line 845
# Number of ids returned by critical_high_common_risks.
#
# @return [Integer]
def critical_high_common_risks_count
  item_ids = critical_high_common_risks
  item_ids.size
end
critical_risks() click to toggle source

Queries for all the critical risks in the database

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 44
# Items with severity 4 whose rollup_finding flag is false.
#
# @return [ActiveRecord::Relation] with the query results
def critical_risks
  where(severity: 4)
    .where(rollup_finding: false)
end
critical_risks_by_host(limit=10) click to toggle source

Queries for all the Critical risks by host

@param limit Limits the result to a specific number, default 10

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 220
# Severity 4, non-rollup items grouped by host, hosts with the most items
# first. Items with plugin_id 1 are excluded.
#
# @param limit maximum number of groups to return, default 10
# @return [ActiveRecord::Relation] with the query results
def critical_risks_by_host(limit=10)
  Item.joins(:host)
      .where.not(plugin_id: 1)
      .where(severity: 4)
      .where(rollup_finding: false)
      .group(:host_id)
      .order(Arel.sql('COUNT(*) DESC'))
      .limit(limit)
end
critical_risks_unique() click to toggle source

Queries for all the unique Critical risks in the database

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 105
# Severity 4 items grouped by plugin, ordered by plugins.cvss_base_score.
#
# @return [ActiveRecord::Relation] with the query results
def critical_risks_unique
  where(severity: 4)
    .joins(:plugin)
    .order("plugins.cvss_base_score")
    .group(:plugin_id)
end
critical_risks_unique_sorted() click to toggle source

Queries for all the unique Critical findings and sorts them by count

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 119
# Severity 4 items grouped by plugin, plugins with the most items first.
#
# @return [ActiveRecord::Relation] with the query results
def critical_risks_unique_sorted
  Item.where(severity: 4)
      .group(:plugin_id)
      .order(Arel.sql('COUNT(*) DESC'))
end
exploitablity_matrix(findings) click to toggle source

Builds an array of findings with their exploitability values

@param [ActiveRecord::Relation] findings to build matrix on

@return [Array] with the rows of name, total, core, metasploit, canvas, exploithub, d2elliot

# File lib/risu/models/item.rb, line 784
# Builds one row per finding that shows which exploit frameworks the
# finding's plugin is flagged for.
#
# @param findings [ActiveRecord::Relation] findings to build the matrix on
# @return [Array<Array>] rows of name, total, core, metasploit, canvas,
#   exploithub, d2elliot; each framework cell is "Yes" or nil
def exploitablity_matrix(findings)
  findings.map do |item|
    plugin = Plugin.where(:id => item.plugin_id).first

    name = scrub_plugin_name(plugin.plugin_name)
    total = Item.where(:plugin_id => item.plugin_id).count

    [
      name,
      total,
      ("Yes" if plugin.exploit_framework_core?),
      ("Yes" if plugin.exploit_framework_metasploit?),
      ("Yes" if plugin.exploit_framework_canvas?),
      ("Yes" if plugin.exploit_framework_exploithub?),
      ("Yes" if plugin.exploit_framework_d2_elliot?)
    ]
  end
end
high_risks() click to toggle source

Queries for all the high risks in the database

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 58
# Items with severity 3 whose rollup_finding flag is false.
#
# @return [ActiveRecord::Relation] with the query results
def high_risks
  where(severity: 3)
    .where(rollup_finding: false)
end
high_risks_by_host(limit=10) click to toggle source

Queries for all the High risks by host

@param limit Limits the result to a specific number, default 10

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 230
# Severity 3, non-rollup items grouped by host, hosts with the most items
# first. Items with plugin_id 1 are excluded.
#
# @param limit maximum number of groups to return, default 10
# @return [ActiveRecord::Relation] with the query results
def high_risks_by_host(limit=10)
  Item.joins(:host)
      .where.not(plugin_id: 1)
      .where(severity: 3)
      .where(rollup_finding: false)
      .group(:host_id)
      .order(Arel.sql('COUNT(*) DESC'))
      .limit(limit)
end
high_risks_unique() click to toggle source

Queries for all the unique high risks in the database

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 112
# Severity 3 items grouped by plugin, ordered by plugins.cvss_base_score.
#
# @return [ActiveRecord::Relation] with the query results
def high_risks_unique
  where(severity: 3)
    .joins(:plugin)
    .order("plugins.cvss_base_score")
    .group(:plugin_id)
end
high_risks_unique_sorted() click to toggle source

Queries for all the unique high findings and sorts them by count

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 127
# Severity 3 items grouped by plugin, plugins with the most items first.
#
# @return [ActiveRecord::Relation] with the query results
def high_risks_unique_sorted
  Item.where(severity: 3)
      .group(:plugin_id)
      .order(Arel.sql('COUNT(*) DESC'))
end
info_risks() click to toggle source

Queries for all the info risks in the database

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 94
# Items with severity 0 whose rollup_finding flag is false.
#
# @return [ActiveRecord::Relation] with the query results
def info_risks
  where(severity: 0)
    .where(rollup_finding: false)
end
info_risks_unique() click to toggle source

Queries for all the unique info risks in the database

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 165
# Severity 0 items grouped by plugin, ordered by plugins.cvss_base_score.
# The order column is table-qualified because the query joins plugins.
#
# @return [ActiveRecord::Relation] with the query results
def info_risks_unique
  where(severity: 0)
    .joins(:plugin)
    .order("plugins.cvss_base_score")
    .group(:plugin_id)
end
info_risks_unique_sorted() click to toggle source

Queries for all the unique info findings and sorts them by count

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 173
# Severity 0 items grouped by plugin, plugins with the most items first.
# The per-plugin count is exposed as the count_all column.
#
# @return [ActiveRecord::Relation] with the query results
def info_risks_unique_sorted
  select("items.*")
    .select("count(*) as count_all")
    .where(severity: 0)
    .group(:plugin_id)
    .order("count_all DESC")
end
low_risks() click to toggle source

Queries for all the low risks in the database

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 83
# Items with severity 1 whose rollup_finding flag is false.
#
# @return [ActiveRecord::Relation] with the query results
def low_risks
  where(severity: 1)
    .where(rollup_finding: false)
end
low_risks_by_host(limit=10) click to toggle source

Queries for all the Low risks by host

@param limit Limits the result to a specific number, default 10

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 251
# Severity 1, non-rollup items grouped by host, hosts with the most items
# first. Items with plugin_id 1 are excluded.
#
# @param limit maximum number of groups to return, default 10
# @return [ActiveRecord::Relation] with the query results
def low_risks_by_host(limit=10)
  Item.joins(:host)
      .where.not(plugin_id: 1)
      .where(severity: 1)
      .where(rollup_finding: false)
      .group(:host_id)
      .order(Arel.sql('COUNT(*) DESC'))
      .limit(limit)
end
low_risks_unique() click to toggle source

Queries for all the unique low risks in the database

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 151
# Severity 1 items grouped by plugin, ordered by plugins.cvss_base_score.
#
# @return [ActiveRecord::Relation] with the query results
def low_risks_unique
  where(severity: 1)
    .joins(:plugin)
    .order("plugins.cvss_base_score")
    .group(:plugin_id)
end
low_risks_unique_sorted() click to toggle source

Queries for all the unique low findings and sorts them by count

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 158
# Severity 1 items grouped by plugin, plugins with the most items first.
# The per-plugin count is exposed as the count_all column.
#
# @return [ActiveRecord::Relation] with the query results
def low_risks_unique_sorted
  select("items.*")
    .select("count(*) as count_all")
    .where(severity: 1)
    .group(:plugin_id)
    .order("count_all DESC")
end
medium_risks() click to toggle source

Queries for all the medium risks in the database

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 72
# Items with severity 2 whose rollup_finding flag is false.
#
# @return [ActiveRecord::Relation] with the query results
def medium_risks
  where(severity: 2)
    .where(rollup_finding: false)
end
medium_risks_by_host(limit=10) click to toggle source

Queries for all the Medium risks by host

@param limit Limits the result to a specific number, default 10

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 241
# Severity 2, non-rollup items grouped by host, hosts with the most items
# first. Items with plugin_id 1 are excluded.
#
# @param limit maximum number of groups to return, default 10
# @return [ActiveRecord::Relation] with the query results
def medium_risks_by_host(limit=10)
  Item.joins(:host)
      .where.not(plugin_id: 1)
      .where(severity: 2)
      .where(rollup_finding: false)
      .group(:host_id)
      .order(Arel.sql('COUNT(*) DESC'))
      .limit(limit)
end
medium_risks_unique() click to toggle source

Queries for all the unique medium risks in the database

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 135
# Severity 2 items grouped by plugin, ordered by plugins.cvss_base_score.
#
# @return [ActiveRecord::Relation] with the query results
def medium_risks_unique
  where(severity: 2)
    .joins(:plugin)
    .order("plugins.cvss_base_score")
    .group(:plugin_id)
end
medium_risks_unique_sorted() click to toggle source

Queries for all the unique medium findings and sorts them by count

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 143
# Severity 2 items grouped by plugin, plugins with the most items first.
#
# @return [ActiveRecord::Relation] with the query results
def medium_risks_unique_sorted
  Item.where(severity: 2)
      .group(:plugin_id)
      .order(Arel.sql('COUNT(*) DESC'))
end
ms_patches() click to toggle source

Queries for all the hosts with the Microsoft patch summary plugin (38153)

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 259
# Items reported by plugin 38153, joined to their hosts.
#
# @return [ActiveRecord::Relation] with the query results
def ms_patches
  where(plugin_id: 38153)
    .joins(:host)
end
ms_update() click to toggle source

Queries for all hosts with the Microsoft Update Summary plugin (12028)

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 266
# Items reported by plugin 12028, joined to their hosts.
#
# @return [ActiveRecord::Relation] with the query results
def ms_update
  where(plugin_id: 12028)
    .joins(:host)
end
notable_order_by_cvss_raw() click to toggle source

@TODO comment @FIXME this doesn't work with PostProcess plugins

# File lib/risu/models/item.rb, line 585
# Counts severity 4 and 3 items per plugin, highest count first, and drops
# every plugin whose family is "Risu Rollup Plugins".
#
# FIXME: carried over from the original - this does not work with
# PostProcess plugins, and the result may not be correct.
#
# @return [Hash] plugin id => item count
def notable_order_by_cvss_raw
  counts = Item.joins(:plugin).where(:severity => [4, 3]).order("plugins.cvss_base_score").group(:plugin_id).distinct.count
  ranked = counts.sort_by { |_id, count| count }.reverse.to_h

  ranked.each_with_object({}) do |(id, count), notable|
    # Rollup plugins are reported separately, so they are skipped here.
    next if Item.where(:plugin_id => id).plugin.first.family_name == "Risu Rollup Plugins"

    notable[id] = count
  end
end
overall_risk_percent_rounded_text() click to toggle source
# File lib/risu/models/item.rb, line 519
# Overall host percentage, rounded to a whole number.
#
# @return [String] for example "12%"
def overall_risk_percent_rounded_text
  rounded = calculate_overall_host_percent.round
  "#{rounded}%"
end
overall_risk_percent_text() click to toggle source
# File lib/risu/models/item.rb, line 532
# Overall host percentage with two decimal places.
#
# @return [String] for example "12.34%"
def overall_risk_percent_text
  format("%.2f%%", calculate_overall_host_percent)
end
plugin() click to toggle source

Returns the plugin that this [Item] belongs to

@return [Plugin] the plugin that this [Item] references

# File lib/risu/models/item.rb, line 775
# Looks up the plugin referenced by the plugin_id of Item.first.
#
# NOTE(review): the lookup is keyed on Item.first, not on a particular
# item instance - confirm this is what callers expect.
#
# @return [ActiveRecord::Relation] plugins whose id matches that plugin_id
def plugin
  first_item = Item.first
  Plugin.where(id: first_item.attributes["plugin_id"])
end
raw_critical_risks() click to toggle source

Queries for all the real critical risks in the database

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 51
# All items with severity 4, with no rollup_finding filter applied.
#
# @return [ActiveRecord::Relation] with the query results
def raw_critical_risks
  where(severity: 4)
end
raw_high_risks() click to toggle source

Queries for all the real high risks in the database

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 65
# All items with severity 3, with no rollup_finding filter applied.
#
# @return [ActiveRecord::Relation] with the query results
def raw_high_risks
  where(severity: 3)
end
raw_info_risks() click to toggle source
# File lib/risu/models/item.rb, line 98
# All items with severity 0, with no rollup_finding filter applied.
#
# @return [ActiveRecord::Relation] with the query results
def raw_info_risks
  where(severity: 0)
end
raw_low_risks() click to toggle source
# File lib/risu/models/item.rb, line 87
# All items with severity 1, with no rollup_finding filter applied.
#
# @return [ActiveRecord::Relation] with the query results
def raw_low_risks
  where(severity: 1)
end
raw_medium_risks() click to toggle source
# File lib/risu/models/item.rb, line 76
# All items with severity 2, with no rollup_finding filter applied.
#
# @return [ActiveRecord::Relation] with the query results
def raw_medium_risks
  where(severity: 2)
end
risk_percent_patched_rounded_text() click to toggle source

@deprecated

# File lib/risu/models/item.rb, line 511
# Patched-scenario vulnerable host percentage, rounded to a whole number.
#
# @deprecated
# @return [String] for example "12%"
def risk_percent_patched_rounded_text
  rounded = calculate_vulnerable_host_percent_with_patches_applied.round
  "#{rounded}%"
end
risk_percent_patched_text() click to toggle source

@deprecated

# File lib/risu/models/item.rb, line 537
# Patched-scenario vulnerable host percentage with two decimal places.
#
# @deprecated
# @return [String] for example "12.34%"
def risk_percent_patched_text
  format("%.2f%%", calculate_vulnerable_host_percent_with_patches_applied)
end
risk_percent_rounded_text() click to toggle source

@deprecated

# File lib/risu/models/item.rb, line 506
# Vulnerable host percentage, rounded to a whole number.
#
# @deprecated
# @return [String] for example "12%"
def risk_percent_rounded_text
  rounded = calculate_vulnerable_host_percent.round
  "#{rounded}%"
end
risk_percent_text() click to toggle source

@deprecated

# File lib/risu/models/item.rb, line 524
# Vulnerable host percentage with two decimal places.
#
# @deprecated
# @return [String] for example "12.34%"
def risk_percent_text
  format("%.2f%%", calculate_vulnerable_host_percent)
end
risk_text(risk_percent) click to toggle source

Builds a sentence based on the risk_percent to describe the risk

@param risk_percent Calculated percentage of risk based on {Item::calculate_vulnerable_host_percent}

@deprecated @return [String] Sentence describing the implied significance of the risk_percent

# File lib/risu/models/item.rb, line 450
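# Builds a sentence that describes what the risk percentage implies about
# patch management.
#
# The buckets use end-exclusive ranges. The previous bounds (0..5.99,
# 6..10.99, 11..15.99) left gaps, so a value such as 5.995 fell through to
# the "critical" sentence; every value from 0 to 20 now lands in the bucket
# its whole-number part belongs to.
#
# @deprecated
# @param risk_percent [Numeric] percentage of vulnerable hosts
# @return [String] sentence describing the implied significance; values
#   outside 0..20 (including negatives and NaN) get the "critical" sentence
def risk_text risk_percent
  case risk_percent
  when 0...6
    "This implies that only a handful of computers are missing patches, and the current patch management is working well."
  when 6...11
    "This implies that there is a minor patch management issue. If there is a patch management system, it should be checked for problems. " +
    "Each host should also be inspected to be certain it can receive patches."
  when 11...16
    "This implies that there is a substantial patch management issue. If there is a patch management system, it should be checked for problems. " +
    "Each host should also be inspected to be certain it can receive patches."
  when 16..20
    "This implies that there is a significant patch management issue. If there is a patch management system, it should be checked for problems. " +
    "Each host should also be inspected to be certain it can receive patches."
  else
    "This implies that there is a critical patch management problem on the network. Any patch management solutions should " +
    "be inspected for issues and they should be corrected as soon as possible. Each host should also be inspected to be certain it can receive patches."
  end
end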
risks() click to toggle source

Queries for all risks in the database

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 37
# Items with severity 0 through 4 whose rollup_finding flag is false.
#
# @return [ActiveRecord::Relation] with the query results
def risks
  where(severity: [0,1,2,3,4])
    .where(rollup_finding: false)
end
risks_by_host(limit=10) click to toggle source

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 209
# Severity 4 items grouped by host, hosts with the most items first. Items
# with plugin_id 1 are excluded. Despite the general name, only severity 4
# is queried, and no rollup_finding filter is applied.
#
# @param limit maximum number of groups to return, default 10
# @return [ActiveRecord::Relation] with the query results
def risks_by_host(limit=10)
  Item.joins(:host)
      .where.not(plugin_id: 1)
      .where(severity: 4)
      .group(:host_id)
      .order(Arel.sql('COUNT(*) DESC'))
      .limit(limit)
end
risks_by_plugin(limit=10) click to toggle source

Queries for all the Critical risks by plugin

@TODO rewrite @param limit Limits the result to a specific number, default 10

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 191
# Severity 4 items grouped by plugin, plugins with the most items first.
# Items with plugin_id 1 are excluded; the per-plugin count is exposed as
# the count_all column.
#
# @param limit maximum number of groups to return, default 10
# @return [ActiveRecord::Relation] with the query results
def risks_by_plugin(limit=10)
  select("items.*")
    .select("count(*) as count_all")
    .joins(:plugin)
    .where("plugin_id != 1")
    .where(severity: 4)
    .group(:plugin_id)
    .order("count_all DESC")
    .limit(limit)
end
risks_by_service(limit=10) click to toggle source

Queries for all the risks grouped by service type, used for the Vulnerabilities by Service graph

@TODO rewrite @return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 181
# Items grouped by svc_name, services with the most items first. The
# service names 'unknown' and 'general' are excluded; the per-service count
# is exposed as the count_all column.
#
# @param limit maximum number of groups to return, default 10
# @return [ActiveRecord::Relation] with the query results
def risks_by_service(limit=10)
  select("items.*")
    .select("count(*) as count_all")
    .where("svc_name != 'unknown' and svc_name != 'general'")
    .group(:svc_name)
    .order("count_all DESC")
    .limit(limit)
end
risks_by_service_graph(limit=10) click to toggle source

Generates a Graph of all the risks by service

@param limit Limits the result to a specific number, default 10

@deprecated @return [StringIO] Object containing the generated PNG image

# File lib/risu/models/item.rb, line 276
# Renders a pie chart with one slice per service returned by
# Item.risks_by_service, sized by the number of items for that service.
#
# @deprecated
# @param limit maximum number of services to chart, default 10
# @return [StringIO] wraps the chart's to_blob output
def risks_by_service_graph(limit=10)
  chart = Gruff::Pie.new(GRAPH_WIDTH)
  # The title reports how many services were actually returned, which can
  # be fewer than limit.
  chart.title = format("Top %d Services By Vulnerability", Item.risks_by_service(limit).to_a.count)
  chart.sort = false
  chart.marker_count = 1
  chart.theme = { colors: Risu::GRAPH_COLORS, background_colors: %w[white white] }

  Item.risks_by_service(limit).to_a.each do |service|
    chart.data(service.svc_name, Item.all.where(svc_name: service.svc_name).count)
  end

  StringIO.new(chart.to_blob)
end
risks_by_service_graph_text() click to toggle source

Generates text for the Risks by Service graph

@deprecated @return [String] Text based on the Risks by Service graph

# File lib/risu/models/item.rb, line 297
# Fixed explanatory paragraph that accompanies the risks-by-service graph.
#
# @deprecated
# @return [String] the paragraph, ending in a blank line
def risks_by_service_graph_text
  [
    "This graph is a representation of the findings found by service. This graph can help ",
    "understand what services are running on the network and if they are vulnerable, where ",
    "the risks are and how they should be protected.\n\n"
  ].join
end
risks_by_severity_graph() click to toggle source

Generates a Graph of all the risks by severity

@deprecated @return [StringIO] Object containing the generated PNG image

# File lib/risu/models/item.rb, line 307
# Renders a bar chart of the critical, high, medium and low item counts.
# Info findings are not charted.
#
# @deprecated
# @return [StringIO] wraps the chart's to_blob output
def risks_by_severity_graph
  chart = Gruff::Bar.new(GRAPH_WIDTH)
  chart.title = "Risks By Severity"
  chart.sort = false
  chart.marker_count = 1
  chart.theme = { colors: Risu::GRAPH_COLORS, background_colors: %w[white white] }

  series = [
    ["Critical", Item.critical_risks.count],
    ["High", Item.high_risks.count],
    ["Medium", Item.medium_risks.count],
    ["Low", Item.low_risks.count]
  ]

  # A nil count is charted as zero.
  series.each { |label, total| chart.data(label, total.nil? ? 0 : total) }

  StringIO.new(chart.to_blob)
end
risks_by_severity_graph_text() click to toggle source

@TODO change Report.title to a real variable @TODO rewrite this @deprecated

# File lib/risu/models/item.rb, line 472
# Builds the narrative that accompanies the risks-by-severity graph from the
# vulnerable host percentage, its adjective and its risk sentence.
#
# TODO: carried over from the original - Report.title should become a real
# variable, and this method is due for a rewrite.
#
# @deprecated
# @return [String] the narrative text
def risks_by_severity_graph_text
  host_percent = calculate_vulnerable_host_percent
  adjective = adjective_for_risk_text(host_percent)
  risk_sentence = risk_text(host_percent)

  summary = "This bar graph is a representation of the findings by severity; the " \
            "graph shows that, overall, #{Report.title} has a #{adjective} handle on the patch " \
            "management of the network. "

  majority = "The majority of the critical findings were found on #{host_percent.round}% of the total assessed computers. #{risk_sentence}\n\n"

  threat = "The systems with critical vulnerabilities represent the largest threat to the network, " \
           "so patching this group is paramount to the overall network security. It only takes one vulnerability " \
           "to create a security incident.\n\n"

  low_note = "It should be noted that low findings and open ports represent the discovery " \
             "of network services and open ports. Typically, these are not an indication of " \
             "a serious problem and pose little to no threat. However, the correlation of " \
             "data between the different severity levels could be used to determine degree " \
             "of vulnerability for a given system.\n"

  [summary, "\n\n", majority, threat, low_note].join
end
scrub_plugin_name(name) click to toggle source

Scrubs a plugin_name to remove all pointless data

@return [String] Scrubbed plugin name

# File lib/risu/models/item.rb, line 633
# Strips scanner annotations from a plugin name: the literal tags
# "(remote check)" and "(uncredentialed check)", then any parenthesised
# text that starts with a digit.
#
# The digit pattern is greedy: it removes everything from the first
# "(<digit>" to the last ")" on the line. Surrounding whitespace is kept.
#
# @param name [String] plugin name to scrub
# @return [String] scrubbed plugin name
def scrub_plugin_name(name)
  without_check_tags = name.gsub("(remote check)", "").gsub("(uncredentialed check)", "")
  without_check_tags.gsub(/(\(\d.*\))/, "")
end
stig_findings(category="I") click to toggle source

Queries for all DISA Stig findings by category

@param category The DISA Stig category I, II, III

@return [ActiveRecord::Relation] with the query results

# File lib/risu/models/item.rb, line 342
# Items whose plugin has the given stig_severity, highest severity first.
#
# The category reaches the query as a bound value (a hash condition inside
# a named-placeholder subquery); it is never interpolated into SQL text.
#
# @param category the DISA STIG category, default "I"
# @return [ActiveRecord::Relation] with the query results
def stig_findings(category="I")
  matching_plugins = Plugin.where(stig_severity: category).select(:id)

  where('plugin_id IN (:plugins)', plugins: matching_plugins)
    .order("severity DESC")
end
stigs_severity_graph() click to toggle source

Generates a Graph of all the risks by severity

@deprecated @return [StringIO] Object containing the generated PNG image

# File lib/risu/models/item.rb, line 350
# Renders a bar chart of the STIG finding counts for categories I, II and
# III, as returned by Item.stig_findings.
#
# @deprecated
# @return [StringIO] wraps the chart's to_blob output
def stigs_severity_graph
  chart = Gruff::Bar.new(GRAPH_WIDTH)
  chart.title = "Stigs By Severity"
  chart.sort = false
  chart.marker_count = 1
  chart.theme = { colors: Risu::GRAPH_COLORS, background_colors: %w[white white] }

  series = [
    ["Cat I", Item.stig_findings("I").count],
    ["Cat II", Item.stig_findings("II").count],
    ["Cat III", Item.stig_findings("III").count]
  ]

  # A nil count is charted as zero.
  series.each { |label, total| chart.data(label, total.nil? ? 0 : total) }

  StringIO.new(chart.to_blob)
end
top_10_sorted() click to toggle source

Returns an array of plugin_id and plugin_name for the top 10 findings sorted by CVSS score

@return [Array] Sorted top 10 findings

# File lib/risu/models/item.rb, line 689
# Builds [scrubbed plugin name, count] rows from notable_order_by_cvss_raw,
# highest count first. The result is not truncated here; callers slice it.
#
# @return [Array<Array>] rows of name and count
def top_10_sorted
  rows = notable_order_by_cvss_raw.map do |plugin_id, count|
    [scrub_plugin_name(Plugin.find_by_id(plugin_id).plugin_name), count]
  end

  rows.sort { |a, b| b[1] <=> a[1] }
end
top_10_sorted_raw() click to toggle source

Returns an array of plugin_id and plugin_name for the top 10 findings unsorted

@return [Array] Unsorted top 10 findings

# File lib/risu/models/item.rb, line 641
# Builds [plugin_id, count] rows from notable_order_by_cvss_raw, highest
# count first. The result is not truncated here; callers slice it.
#
# @return [Array<Array>] rows of plugin id and count
def top_10_sorted_raw
  rows = notable_order_by_cvss_raw.map { |plugin_id, count| [plugin_id, count] }

  rows.sort { |a, b| b[1] <=> a[1] }
end
top_10_table(output) click to toggle source

Returns a prawn pdf table for the top 10 notable findings

@TODO change this method to return a array/table and let the template render it @TODO rename to notable_table also

@param output device to write the table to

# File lib/risu/models/item.rb, line 741
# Writes a two-column "Description"/"Count" table holding the first ten rows
# of top_10_sorted to the given output.
#
# TODO: carried over from the original - return an array and let the
# template render it; rename to notable_table.
#
# @param output object that responds to bounds and table
def top_10_table(output)
  column_widths = { 0 => (output.bounds.width - 50), 1 => 50 }
  rows = [["Description", "Count"]] + top_10_sorted[0..9]

  # The block takes no parameters; row and cells are resolved by the table call.
  output.table(rows, header: true, column_widths: column_widths, width: output.bounds.width) do
    row(0).style(font_style: :bold, background_color: 'cccccc')
    cells.borders = %i[top bottom left right]
  end
end