Ready for version 0.3.

win7/Miniport/ghostport.inf

@@ -29,7 +29,7 @@ Signature = "$Windows NT$"
 Class = SCSIAdapter
 ClassGUID = {4D36E97B-E325-11CE-BFC1-08002BE10318}
 Provider = %Ghost%
-DriverVer = 03/22/2013,0.2.0.1
+DriverVer = 03/27/2013,0.3
 CatalogFile.NTamd64 = ghostport-amd64.cat
 
 

win7/PythonBindings/ghostwatch.py

@@ -5,6 +5,7 @@
 import sys
 from time import sleep
 import socket
+import _winreg
 
 # General parameters
 LOGFILE = None
@@ -15,10 +16,10 @@
 GHOST_DEVICE_ID = 0
 
 # HPfeeds parameters
-HPFEEDS_HOST = 'hpfriends.honeycloud.net'
-HPFEEDS_PORT = 20000
-HPFEEDS_IDENT = 'wWLnJ949'
-HPFEEDS_SECRET = 'yjniQJ6WzZybYy6q'
+HPFEEDS_HOST = 'your_broker'
+HPFEEDS_PORT = 10000
+HPFEEDS_IDENT = 'your_ident'
+HPFEEDS_SECRET = 'your_secret'
 HPFEEDS_REPORT_CHANNEL = 'ghost.reports'
 HPFEEDS_STATUS_CHANNEL = 'ghost.status'
 
@@ -28,19 +29,29 @@
 else:
 	logging.basicConfig(stream = sys.stderr, level = logging.INFO)
 
-logger = logging.getLogger('ghostwatch')	
-hpc = hpfeeds.new(HPFEEDS_HOST, HPFEEDS_PORT, HPFEEDS_IDENT, HPFEEDS_SECRET)
+logger = logging.getLogger('ghostwatch')
 
 def create_status_update(action):
 	status_update = {'action': action, 'hostname': socket.gethostname()}
 	return json.dumps(status_update)
+
+def activate_readonly():
+	try:
+		key = _winreg.OpenKey(_winreg.HKEY_LOCAL_MACHINE, r'SYSTEM\CurrentControlSet\services\ghostreadonly\Parameters', 0, _winreg.KEY_SET_VALUE)
+		_winreg.SetValueEx(key, 'BlockWriteToRemovable', 0, _winreg.REG_DWORD, 1)
+		_winreg.CloseKey(key)
+	except WindowsError:
+		logger.info('Ghostreadonly not installed or broken')
 
 def onincident(details):
 	logger.warning('Detection! PID %d, TID %d' % (details['PID'], details['TID']))
+	activate_readonly()
 	wire_report = dict(details)
 	wire_report['Ident'] = HPFEEDS_IDENT
-	hpc.publish(HPFEEDS_REPORT_CHANNEL, json.dumps(wire_report))
-	hpc.publish(HPFEEDS_STATUS_CHANNEL, create_status_update('detection'))
+	incident_hpc = hpfeeds.new(HPFEEDS_HOST, HPFEEDS_PORT, HPFEEDS_IDENT, HPFEEDS_SECRET)
+	incident_hpc.publish(HPFEEDS_REPORT_CHANNEL, json.dumps(wire_report))
+	incident_hpc.publish(HPFEEDS_STATUS_CHANNEL, create_status_update('detection'))
+	incident_hpc.close()
 
 def main():
 	logger.info('Initializing Ghost...')
@@ -49,11 +60,18 @@ def main():
 	logger.info('Ready')
 	while True:
 		logger.info('Mounting the virtual device')
+
+		hpc = hpfeeds.new(HPFEEDS_HOST, HPFEEDS_PORT, HPFEEDS_IDENT, HPFEEDS_SECRET)
 		hpc.publish(HPFEEDS_STATUS_CHANNEL, create_status_update('mount'))
+		hpc.close()
+
 		g.run(onincident)
 		logger.info('Virtual device removed')
+
+		hpc = hpfeeds.new(HPFEEDS_HOST, HPFEEDS_PORT, HPFEEDS_IDENT, HPFEEDS_SECRET)
 		hpc.publish(HPFEEDS_STATUS_CHANNEL, create_status_update('remove'))
 		hpc.close()
+
 		sleep(GHOST_INTERVAL)
 
 # Loop

win7/PythonBindings/process_reports.py

@@ -8,10 +8,10 @@
 
 DB_HOST = 'localhost'
 DB_PORT = 27017
-HPFEEDS_HOST   = 'hpfriends.honeycloud.net'
-HPFEEDS_PORT   = 20000
-HPFEEDS_IDENT  = 'n8AY3Kuw'
-HPFEEDS_SECRET = 'zEzb23Ta8QhJBaC9'
+HPFEEDS_HOST   = 'your_broker'
+HPFEEDS_PORT   = 10000
+HPFEEDS_IDENT  = 'your_ident'
+HPFEEDS_SECRET = 'your_secret'
 HPFEEDS_REPORT_CHANNEL = 'ghost.reports'
 HPFEEDS_STATUS_CHANNEL = 'ghost.status'
 

win7/Readonly/ghostreadonly.inf

@@ -30,7 +30,8 @@ Class = DiskDrive
 ClassGUID = {4D36E967-E325-11CE-BFC1-08002BE10318}
 ;ClassGUID = {4D36E97B-E325-11CE-BFC1-08002BE10318}
 Provider = %Ghost%
-DriverVer=12/17/2012,0.1
+DriverVer=03/27/2013,0.3
+CatalogFile.NTamd64 = ghostreadonly-amd64.cat
 
 
 [SourceDisksNames]

win7/Webadmin/serve.py

@@ -29,7 +29,9 @@ def machinetable():
 
 @bottle.route('/dismiss/<obj_id>')
 def dismiss(obj_id):
-	db.reports.remove({'_id': ObjectId(obj_id)})
+	report = db.reports.find_one({'_id': ObjectId(obj_id)})
+	report['Dismissed'] = True
+	db.reports.save(report)
 
 @bottle.route('/report/<machine_ident>')
 def report(machine_ident):

win7/version.h

@@ -29,7 +29,7 @@
 #define VERSION_H
 
 
-#define GHOST_VERSION "0.2"
+#define GHOST_VERSION "0.3"
 
 
 #endif