Fix final 10 HIGH integer comparisons in live-attack-monitor and ip-reputation-manager
FIXES:
live-attack-monitor.sh:
- Line 1805: $hits → ${hits:-0} (SSH bruteforce first hit check)
- Line 1859: $score → ${score:-0} (cap at 100)
- Line 2195: $hits → ${hits:-0} (Email bruteforce first hit check)
- Line 2239: $score → ${score:-0} (cap at 100)
- Line 2314: $hits → ${hits:-0} (FTP bruteforce first hit check)
- Line 2358: $score → ${score:-0} (cap at 100)
- Line 2435: $is_new_attack → ${is_new_attack:-0} (DB attack check)
- Line 2479: $score → ${score:-0} (cap at 100)
ip-reputation-manager.sh:
- Line 156: $hit_count → ${hit_count:-0}
- Line 158: $hit_count → ${hit_count:-0}
IMPACT:
- Prevents errors in threat scoring calculations
- Safe defaults for all attack pattern detection
- More robust live monitoring
QA STATUS AFTER THIS COMMIT:
- Security modules: ALL HIGH issues FIXED ✓
- 10 HIGH issues remain in backup/maintenance modules
- Total issues: 30 (0 CRITICAL, 10 HIGH, 9 MEDIUM, 11 LOW)
This commit is contained in:
cschantz
@@ -153,9 +153,9 @@ view_top_active() {
|
||||
|
||||
# Color code by hit count
|
||||
local color="$NC"
|
||||
if [ $hit_count -gt 10000 ]; then
|
||||
if [ "${hit_count:-0}" -gt 10000 ]; then
|
||||
color="$RED$BOLD"
|
||||
elif [ $hit_count -gt 1000 ]; then
|
||||
elif [ "${hit_count:-0}" -gt 1000 ]; then
|
||||
color="$YELLOW"
|
||||
fi
|
||||
|
||||
|
||||
@@ -1802,7 +1802,7 @@ monitor_ssh_attacks() {
|
||||
|
||||
# Progressive scoring for bruteforce: Each attempt adds points
|
||||
# First attempt: 10 pts, subsequent attempts: +8 pts each
|
||||
if [ $hits -eq 1 ]; then
|
||||
if [ "${hits:-0}" -eq 1 ]; then
|
||||
score=10
|
||||
else
|
||||
score=$((score + 8))
|
||||
@@ -1856,7 +1856,7 @@ monitor_ssh_attacks() {
|
||||
fi
|
||||
|
||||
# Cap at 100
|
||||
[ $score -gt 100 ] && score=100
|
||||
[ "${score:-0}" -gt 100 ] && score=100
|
||||
|
||||
# Update ip_data file directly (subshells can't access IP_DATA array)
|
||||
local ip_file="$TEMP_DIR/ip_${ip//\./_}"
|
||||
@@ -2192,7 +2192,7 @@ monitor_email_attacks() {
|
||||
fi
|
||||
|
||||
# Progressive scoring: Each email bruteforce attempt adds points
|
||||
if [ $hits -eq 1 ]; then
|
||||
if [ "${hits:-0}" -eq 1 ]; then
|
||||
score=10
|
||||
else
|
||||
score=$((score + 8))
|
||||
@@ -2236,7 +2236,7 @@ monitor_email_attacks() {
|
||||
block_reasons="${block_reasons}${context_reason}"
|
||||
fi
|
||||
|
||||
[ $score -gt 100 ] && score=100
|
||||
[ "${score:-0}" -gt 100 ] && score=100
|
||||
|
||||
# Update ip_data file directly (subshells can't access IP_DATA array)
|
||||
local ip_file="$TEMP_DIR/ip_${ip//\./_}"
|
||||
@@ -2311,7 +2311,7 @@ monitor_ftp_attacks() {
|
||||
fi
|
||||
|
||||
# Progressive scoring: Each FTP bruteforce attempt adds points
|
||||
if [ $hits -eq 1 ]; then
|
||||
if [ "${hits:-0}" -eq 1 ]; then
|
||||
score=10
|
||||
else
|
||||
score=$((score + 8))
|
||||
@@ -2355,7 +2355,7 @@ monitor_ftp_attacks() {
|
||||
block_reasons="${block_reasons}${context_reason}"
|
||||
fi
|
||||
|
||||
[ $score -gt 100 ] && score=100
|
||||
[ "${score:-0}" -gt 100 ] && score=100
|
||||
|
||||
# Update ip_data file directly (subshells can't access IP_DATA array)
|
||||
local ip_file="$TEMP_DIR/ip_${ip//\./_}"
|
||||
@@ -2432,7 +2432,7 @@ monitor_database_attacks() {
|
||||
fi
|
||||
|
||||
# Progressive scoring: First DB attack = 15pts, each additional = 12pts
|
||||
if [ $is_new_attack -eq 1 ]; then
|
||||
if [ "${is_new_attack:-0}" -eq 1 ]; then
|
||||
score=$((score + 15))
|
||||
else
|
||||
score=$((score + 12))
|
||||
@@ -2476,7 +2476,7 @@ monitor_database_attacks() {
|
||||
block_reasons="${block_reasons}${context_reason}"
|
||||
fi
|
||||
|
||||
[ $score -gt 100 ] && score=100
|
||||
[ "${score:-0}" -gt 100 ] && score=100
|
||||
|
||||
# Update ip_data file directly (subshells can't access IP_DATA array)
|
||||
local ip_file="$TEMP_DIR/ip_${ip//\./_}"
|
||||
|
||||
Reference in New Issue
Block a user