diff --git a/README.md b/README.md index 1452e54b5..ce0a83c88 100644 --- a/README.md +++ b/README.md @@ -3,6 +3,20 @@ # MozDef: Mozilla Enterprise Defense Platform +## Documentation: + +http://mozdef.readthedocs.org/en/latest/ + + +## Give MozDef a Try in AWS: + +The following button will launch the Mozilla Enterprise Defense Platform in your AWS account. + +**Warning:** Pressing the "Launch Stack" button and following through with the deployment will incur charges to your AWS account. + +[![Launch MozDef](docs/source/images/cloudformation-launch-stack.png)][1] + + ## Why? The inspiration for MozDef comes from the large arsenal of tools available to attackers. Suites like metasploit, armitage, lair, dradis and others are readily available to help attackers coordinate, share intelligence and finely tune their attacks in real time. Defenders are usually limited to wikis, ticketing systems and manual tracking databases attached to the end of a Security Information Event Management (SIEM) system. @@ -22,12 +36,4 @@ The Mozilla Enterprise Defense Platform (MozDef) seeks to automate the security MozDef is in production at Mozilla where we are using it to process over 300 million events per day. -## Give MozDef a Try in AWS: - -[![Launch MozDef](docs/source/images/cloudformation-launch-stack.png)][1] - -## Documentation: - -http://mozdef.readthedocs.org/en/latest/ - -[1]: https://console.aws.amazon.com/cloudformation/home?region=us-west-2#/stacks/new?stackName=mozdef-for-aws&templateURL=https://s3-us-west-2.amazonaws.com/public.us-west-2.infosec.mozilla.org/mozdef/cf/v1.38.5/mozdef-parent.yml +[1]: https://console.aws.amazon.com/cloudformation/home?region=us-west-2#/stacks/new?stackName=mozdef-for-aws&templateURL=https://s3-us-west-2.amazonaws.com/public.us-west-2.infosec.mozilla.org/mozdef/cf/v1.38.5/mozdef-parent.yml \ No newline at end of file 
diff --git a/alerts/cloudtrail_public_bucket.py b/alerts/cloudtrail_public_bucket.py
new file mode 100644
index 000000000..50e29d097
--- /dev/null
+++ b/alerts/cloudtrail_public_bucket.py
@@ -0,0 +1,42 @@
+#!/usr/bin/env python
+
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+# Copyright (c) 2014 Mozilla Corporation
+
+
+from lib.alerttask import AlertTask
+from mozdef_util.query_models import SearchQuery, TermMatch, ExistsMatch
+
+
+class AlertCloudtrailPublicBucket(AlertTask):
+ def main(self):
+ search_query = SearchQuery(minutes=20)
+
+ search_query.add_must([
+ TermMatch('source', 'cloudtrail'),
+ TermMatch('details.eventname', 'PutBucketPolicy'),
+ ExistsMatch('details.requestparameters.bucketpolicy.statement.principal')
+ ])
+
+ self.filtersManual(search_query)
+ self.searchEventsSimple()
+ self.walkEvents()
+
+ # Set alert properties
+ def onEvent(self, event):
+ request_parameters = event['_source']['details']['requestparameters']
+ for statement in request_parameters['bucketpolicy']['statement']:
+ if statement['principal'] != '*':
+ return
+ category = 'access'
+ tags = ['cloudtrail']
+ severity = 'INFO'
+
+ bucket_name = 'Unknown'
+ if 'bucketname' in request_parameters:
+ bucket_name = request_parameters['bucketname']
+
+ summary = "The s3 bucket {0} is listed as public".format(bucket_name)
+ return self.createAlertDict(summary, category, tags, [event], severity)
diff --git a/meteor/.meteor/versions b/meteor/.meteor/versions
index 8857b1942..12dd02602 100644
--- a/meteor/.meteor/versions
+++ b/meteor/.meteor/versions
@@ -98,7 +98,7 @@ templating-compiler@1.3.3
 templating-runtime@1.3.2
 templating-tools@1.1.2
 tracker@1.2.0
-twbs:bootstrap@3.3.6
+twbs:bootstrap@3.3.5
 ui@1.0.13
 underscore@1.0.10
 url@1.2.0
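Review bot: In `onEvent` of alerts/cloudtrail_public_bucket.py the loop returns as soon as one statement's principal is not the string `'*'`, so a policy that mixes a restricted statement with a public one produces no alert. The comparison also misses the mapping form of a wildcard principal (`{"AWS": "*"}`), raises `KeyError` on a statement that has no `principal` key, and ignores the statement's effect, so a wildcard `Deny` counts as public. If the event carries a single statement as an object rather than a list, the loop iterates its keys and fails; that shape is not visible here and should be confirmed. The sketch below alerts when any `Allow` statement has a wildcard principal; the lower-cased `aws` and `effect` keys are assumed from the field names used in the query.

```python
    def onEvent(self, event):
        request_parameters = event['_source']['details']['requestparameters']
        statements = request_parameters['bucketpolicy']['statement']
        if isinstance(statements, dict):
            # a single statement may arrive as an object rather than a list
            statements = [statements]

        def is_public(statement):
            principal = statement.get('principal')
            if isinstance(principal, dict):
                principal = principal.get('aws')
            wildcard = principal == '*' or (isinstance(principal, list) and '*' in principal)
            return wildcard and statement.get('effect') == 'Allow'

        if not any(is_public(statement) for statement in statements):
            return
        # … unchanged: category, tags, severity, bucket_name lookup, createAlertDict …
```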
diff --git a/meteor/client/greeting.html b/meteor/client/greeting.html
new file mode 100644
index 000000000..5e72d714e
--- /dev/null
+++ b/meteor/client/greeting.html
@@ -0,0 +1,8 @@ + +
\ No newline at end of file
diff --git a/meteor/client/greeting.js b/meteor/client/greeting.js
new file mode 100644
index 000000000..d4c62b507
--- /dev/null
+++ b/meteor/client/greeting.js
@@ -0,0 +1,17 @@
+if ( Meteor.isClient ) {
+
+ Template.hello.helpers( {
+ greeting: function() {
+ if ( typeof console !== 'undefined' )
+ console.log( "mozdef starting" );
+ return "Hand made by Mozilla";
+ }
+ } );
+
+ Template.hello.events( {
+ 'click': function() {
+ // template data, if any, is available in 'this'
+ Session.set( 'displayMessage', 'Welcome to mozdef.' )
+ }
+ } );
+};
diff --git a/meteor/client/loading.html b/meteor/client/loading.html
new file mode 100644
index 000000000..8ab6d069c
--- /dev/null
+++ b/meteor/client/loading.html
@@ -0,0 +1,3 @@ +
diff --git a/meteor/client/main.js b/meteor/client/main.js
index 22061f018..b36205834 100644
--- a/meteor/client/main.js
+++ b/meteor/client/main.js
@@ -5,11 +5,16 @@ import { Mongo } from 'meteor/mongo';
 import { Session } from 'meteor/session';
 import { _ } from 'meteor/underscore';
 import { Blaze } from 'meteor/blaze';
+import '/client/loading.html';
+import '/client/greeting.html';
+import '/client/greeting.js';
 import '/imports/settings.js';
 import '/imports/collections.js';
 import '/imports/helpers.js';
 import '/imports/models.js';
-import '/client/about.html';
+import '/client/mozdef.html';
+import '/client/layout.js';
+import '/client/router.js';
 import '/client/alertdetails.html';
 import '/client/alertdetails.js';
 import '/client/alertssummary.html';
@@ -54,11 +59,12 @@ import '/client/logincounts.html'; import '/client/logincounts.js'; import '/client/mozdefhealth.html'; import '/client/mozdefhealth.js'; +import '/client/about.html'; import '/client/nameplate.html'; import '/client/nameplate.js'; import '/client/verisTags.html'; import '/client/preferences.html'; import '/client/preferences.js' -import '/client/router.js'; +import '/public/css/dropdowns.css'; import '/client/mozdef.js'; diff --git a/meteor/client/menu.html b/meteor/client/menu.html index f789edbc2..97abf381d 100644 --- a/meteor/client/menu.html +++ b/meteor/client/menu.html @@ -11,8 +11,7 @@ diff --git a/meteor/client/themes/classic/menu.html b/meteor/client/themes/classic/menu.html new file mode 100644 index 000000000..97abf381d --- /dev/null +++ b/meteor/client/themes/classic/menu.html @@ -0,0 +1,99 @@ + + + + + + diff --git a/meteor/client/themes/none/menu-start.css b/meteor/client/themes/none/menu-start.css new file mode 100644 index 000000000..252df290f --- /dev/null +++ b/meteor/client/themes/none/menu-start.css @@ -0,0 +1,42 @@ +/* default start/login css */ +:root { + --bg-primary-color: #205799; + --bg-secondary-color: #444444; + --txt-primary-color: #fff; + --txt-secondary-color: #000; + --txt-shadow-color: #000; + --txt-highlight-color: rgba(165, 170, 172, 0.904); + --a-link-color: rgb(245, 222, 179); + --row-color-odd: rgba(30,87,153,.7); + --row-color-even: #636c85; + } + +html{ + background: none; + min-height: 100%; +} + +body{ + background: var(--bg-primary-color); + padding: 0; + color: var(--txt-primary-color); + line-height: normal; + text-align: left; +} + +.col-xs-offset-3 { + margin-left: 28%; +} + +.welcome { + height: 180px; + width: 800px; + margin-left: 25%; + color: var(--txt-primary-color); + vertical-align: middle; +} + +.mozdeflogo{ + padding-top: 30%; + width: 100%; +} \ No newline at end of file 
diff --git a/meteor/client/themes/none/menu-start.html b/meteor/client/themes/none/menu-start.html new file mode 100644 index 000000000..a4f8084c4 --- /dev/null +++ b/meteor/client/themes/none/menu-start.html @@ -0,0 +1,17 @@ + + + + diff --git a/meteor/client/themes/side_nav_dark/menu.html b/meteor/client/themes/side_nav_dark/menu.html new file mode 100644 index 000000000..f7c75f1d5 --- /dev/null +++ b/meteor/client/themes/side_nav_dark/menu.html @@ -0,0 +1,180 @@ + + + + + diff --git a/meteor/imports/themes/classic/mozdef.css b/meteor/imports/themes/classic/mozdef.css index c1cd3c0be..656ac8825 100644 --- a/meteor/imports/themes/classic/mozdef.css +++ b/meteor/imports/themes/classic/mozdef.css @@ -5,7 +5,7 @@ file, You can obtain one at http://mozilla.org/MPL/2.0/. Copyright (c) 2014 Mozilla Corporation */ -/* variables */ +/* classic theme variables */ :root { --bg-primary-color: rgb(32,87,153); --bg-secondary-color: #444444; @@ -70,6 +70,8 @@ caption, legend { display: flex; align-items: center; justify-content: center; + width: 1200px; + padding-bottom: 30px; } #header a.mozilla { @@ -81,6 +83,21 @@ caption, legend { overflow: visible; } +/* Home Page Styling */ +.welcome { + height: 180px; + width: 600px; + margin-left: 25%; + text-align: center; + color: var(--txt-primary-color); + vertical-align: middle; +} + +.mozdeflogo{ + width: 500px; + vertical-align: middle; +} + #bottom-toolbar { background: var(--bg-secondary-color); width: 100%; @@ -245,6 +262,7 @@ h1, h2, h3, h4, h5, h6, .h1, .h2, .h3, .h4, .h5, .h6 { .btn { border: 1px outset; border-radius: 4px; + color: #999; } 
@@ -281,29 +299,44 @@ input[type="search"] { background-color: var(--txt-highlight-color); } -td{ +td { color: var(--txt-primary-color); } .welcome { + height: 180px; + width: 600px; + margin-left: 25%; text-align: center; + color: var(--txt-primary-color); + vertical-align: middle; } -.tabcontent{ +.mozdeflogo{ + width: 500px; + vertical-align: middle; +} + +.tabcontent { margin-top: 20px; } -.tabnav a{ +.tabnav a { color: rgb(173, 216, 230); } /* don't float the 'create account' link*/ -#login-buttons #signup-link{ +#login-buttons #signup-link { float: none; } +#login-buttons { + line-height: 1; + padding-top: 15px; +} + /* d3 circle styles for the logincounts visualization */ -.successcircle{ +.successcircle { /* fill: rgb(217,206,178); @@ -313,7 +346,7 @@ td{ fill: rgba(0,255,0,.5); } -.failurecircle{ +.failurecircle { /*fill: rgb(213,222,217);*/ /*fill: #BD2C00;*/ /*fill: #f93;*/ @@ -321,7 +354,7 @@ td{ fill: rgba(255,0,0,.5); } -circle:hover{ +circle:hover { fill: white; } @@ -330,7 +363,7 @@ circle:hover{ stroke-width: 1.5px; } -.textlabel{ +.textlabel { stroke-width: .2px; stroke: black; } @@ -345,7 +378,7 @@ circle:hover{ display: none; } -#header a.mozdef{ +#header a.mozdef { color: var(--txt-primary-color); text-shadow: var(--txt-shadow-color) 5px 3px 3px; text-align: center; @@ -353,11 +386,12 @@ circle:hover{ margin-top: -.25em; } -.mozillalogo{ - width: 90px; +.mozillalogo { + width: 300px; + padding-top: 15px; } -#header label{ +#header label { display: inherit; cursor: auto; margin:.5em; @@ -365,8 +399,7 @@ circle:hover{ /* attacker side nav pull out styling */ /* http://www.sitepoint.com/css3-sliding-menu/ */ -sidenav -{ +sidenav { position: fixed; left: -25em; top: 0; @@ -375,8 +408,6 @@ sidenav border-right: 15px solid #765; box-shadow: 4px 0 5px rgba(0,0,0,0.2); z-index: 1; - - text-align: left; font-weight: bolder; display: inline-block; 
@@ -386,8 +417,7 @@ sidenav } /*pull out triangle */ -sidenav:after -{ +sidenav:after { position: absolute; content: ' '; width: 0; @@ -399,20 +429,18 @@ sidenav:after border-color: transparent transparent transparent #765; } -sidenav ul -{ +sidenav ul { width: 14em; list-style-type: none; margin: auto; padding: 1em; } -sidenav div{ +sidenav div { margin:auto; } -sidenav:hover -{ +sidenav:hover { left: 0; } @@ -426,8 +454,7 @@ sidenav .reset-filter { margin-top: 20px; } -sidenav -{ +sidenav { -webkit-transition: all 400ms ease; -moz-transition: all 400ms ease; -ms-transition: all 400ms ease; @@ -490,7 +517,7 @@ sidenav width: 270px; position: absolute; left: 10px; - top: 63px; + top: 125px; background-color: rgba(0, 0, 0, 0.2); border-top: 1px solid rgba(255, 255, 255, 0.4); padding: 10px; @@ -500,7 +527,7 @@ sidenav width: 400px; position: absolute; left: 10px; - top: 103px; + top: 180px; background-color: rgba(0, 0, 0, 0.2); border-top: 1px solid rgba(255, 255, 255, 0.4); padding: 10px; @@ -586,7 +613,7 @@ sidenav #nav-main li span { border-color: #3a3c46; color: var(--txt-primary-color); - padding: 8px 10px 10px 10px; + padding: 20px 10px 10px 10px; height: 25px; display: block; border-style: solid; @@ -636,7 +663,7 @@ sidenav transition-timing-function: linear; transition-delay: 0s; transition-property: #6363CE, box-shadow, border-right; - padding-bottom: 30px; + padding-bottom: 20px; outline: 0px none; } diff --git a/meteor/imports/themes/dark/mozdef.css b/meteor/imports/themes/dark/mozdef.css index 99577025d..b148e14ec 100644 --- a/meteor/imports/themes/dark/mozdef.css +++ b/meteor/imports/themes/dark/mozdef.css 
@@ -5,6 +5,23 @@ file, You can obtain one at http://mozilla.org/MPL/2.0/. Copyright (c) 2014 Mozilla Corporation */ +:root { + --bg-primary-color: #2a2f35; + --secondary-focus-color: #3b89ee; + --bg-secondary-color: #2d5fa0; + --row-color-odd: #2a2f35; + --row-color-even: #636c85; + --ack-edit-color: #a2a9b2; + --ack-edit-border-color: #adadad; + --ack-edit-focus-color: #557750; + --ack-edit-disabled-color: #557750; + --arm-color: #e69006; + --arm-focus-color: #d58512; + --txt-primary-color: #fff; + --txt-secondary-color: #000; + --a-link-color: #a2a9b2; + } + /*base css */ html{ background: none; @@ -50,6 +67,8 @@ caption, legend { display: flex; align-items: center; justify-content: center; + width: 1200px; + padding-bottom: 30px; } #header a.mozilla { @@ -61,6 +80,21 @@ caption, legend { overflow: visible; } +/* Home Page Styling */ +.welcome { + height: 180px; + width: 600px; + margin-left: 25%; + text-align: center; + color: var(--txt-primary-color); + vertical-align: middle; +} + +.mozdeflogo{ + width: 500px; + vertical-align: middle; +} + #bottom-toolbar { background: #444444; width: 100%; @@ -127,12 +161,12 @@ caption, legend { color: rgba(127,255,255,0.75); } -.attackercallout .blockip{ +.attackercallout .blockip { color: #FFF; text-transform: uppercase; margin-top: 20px; } -.attackercallout ul{ +.attackercallout ul { list-style: none; float: left; left: auto; @@ -140,14 +174,14 @@ caption, legend { padding: 0px; } -.attackercallout .indicator{ +.attackercallout .indicator { color: yellow; } -.attackercallout a{ +.attackercallout a { color: yellow; } -.veris-wrapper td{ +.veris-wrapper td { color: black } @@ -177,7 +211,7 @@ caption, legend { --alert-color: white; } -.alert { +.alert { color: var(--alert-color); background-color: var(--alert-bg-color); text-transform: uppercase; @@ -185,7 +219,7 @@ caption, legend { font-weight: bold; } -.alert-row a{ +.alert-row a { color: wheat; } 
@@ -199,9 +233,10 @@ caption, legend { /*bootstrap overrides*/ .btn { - border: 1px outset; - border-radius: 4px; -} + border: 1px outset; + border-radius: 4px; + color: #999; + } input[type="search"] { @@ -229,20 +264,30 @@ input[type="search"] { background-color: rgba(30,87,153,.5); } -td{ +td { color:white; } .welcome { + height: 180px; + width: 600px; + margin-left: 25%; text-align: center; + color: var(--txt-primary-color); + vertical-align: middle; +} + +.mozdeflogo{ + width: 500px; + vertical-align: middle; } -.tabcontent{ +.tabcontent { margin-top: 20px; } -.tabnav a{ +.tabnav a { color: lightblue; } @@ -266,12 +311,17 @@ td{ } */ /* don't float the 'create account' link*/ -#login-buttons #signup-link{ +#login-buttons #signup-link { float: none; } +#login-buttons { + line-height: 1; + padding-top: 15px; +} + /* d3 circle styles */ -.successcircle{ +.successcircle { /* fill: rgb(217,206,178); @@ -281,7 +331,7 @@ td{ fill: rgba(0,255,0,.5); } -.failurecircle{ +.failurecircle { /*fill: rgb(213,222,217);*/ /*fill: #BD2C00;*/ /*fill: #f93;*/ @@ -289,7 +339,7 @@ td{ fill: rgba(255,0,0,.5); } -circle:hover{ +circle:hover { fill: white; } @@ -298,7 +348,7 @@ circle:hover{ stroke-width: 1.5px; } -.textlabel{ +.textlabel { stroke-width: .2px; stroke: black; } @@ -313,7 +363,7 @@ circle:hover{ display: none; } -#header a.mozdef{ +#header a.mozdef { color:white; text-shadow: #000 5px 3px 3px; text-align: center; 
@@ -321,16 +371,230 @@ circle:hover{ margin-top: -.25em; } -.mozillalogo{ - width: 90px; +.mozillalogo { + width: 300px; + padding-top: 15px; } -#header label{ +#header label { display: inherit; cursor: auto; margin:.5em; } +/* Attackers sidenav menu */ +sidenav { + background: var(--bg-primary-color); + border-right: 15px solid var(--bg-secondary-color); + text-align: left; + font-weight: bolder; + position: fixed; + top: 0; + bottom: 0; + height: 100%; + left: -25em; + margin: 0em; + padding-top: 1em; + display: inline-block; + line-height: normal; + -webkit-transform: translateZ(0) scale(1, 1); + z-index: 3; + -webkit-transition: all 400ms ease; + -moz-transition: all 400ms ease; + -ms-transition: all 400ms ease; + -o-transition: all 400ms ease; + transition: all 400ms ease; + } + + /*pull out triangle*/ + sidenav:after { + position: absolute; + content: ' '; + width: 0; + height: 0; + right: -75px; + top: 50%; + border-width: 30px 30px; + border-style: solid; + border-color: transparent transparent transparent var(--bg-secondary-color); + } + sidenav ul { + width: 14em; + list-style-type: none; + margin: auto; + padding: 1em; + } + sidenav div{ + margin:auto; + } + sidenav:hover { + left: 0; + } + sidenav .filters-col .row { + margin-top: 45px; + padding: 0 0.5em; + } + sidenav .reset-filter { + text-align: center; + margin-top: 20px; + } + .form-horizontal .form-group { + margin-left: 5px; + margin-right: 5px; + padding-top: 5px; + } + + @media screen and (max-width: 1000px) { + sidenav { + background: var(--bg-primary-color); + border-left: 15px solid var(--bg-secondary-color); + text-align: left; + font-weight: bolder; + position: fixed; + top: 0; + bottom: 0; + height: 100%; + right: -16em; + margin: 0em; + padding-top: 1em; + display: inline-block; + line-height: normal; + -webkit-transform: translateZ(0) scale(1, 1); + z-index: 3; + -webkit-transition: all 400ms ease; + -moz-transition: all 400ms ease; + -ms-transition: all 400ms ease; + -o-transition: 
all 400ms ease; + transition: all 400ms ease; + } + sidenav:after { + right: 230px; + border-top: 0; + border-bottom: 0; + border-right: 0; + content: none; + } + sidenav ul { + width: 14em; + list-style-type: none; + margin: auto; + padding: 1em; + } + sidenav div{ + margin:auto; + } + sidenav:hover { + right: 0; + width: 230px; + overflow-y: scroll; + scrollbar-width: inherit; + scrollbar-color: var(--bg-secondary-color) black; + } + sidenav .filters-col .row { + margin-top: 25px; + padding: 0 1.5em; + } + sidenav .reset-filter { + text-align: center; + margin-top: 20px; + } + div.dc-chart { + float: none; + } + } + +/* globe styling */ +.globe-container { + background: #000000; + color: #ffffff; +} + +.globe-info { + font-size: 11px; + position: absolute; + bottom: 5px; + background-color: rgba(0, 0, 0, 0.8); + border-radius: 3px; + right: 10px; + padding: 10px; + color: var(--ack-edit-color); +} + +.globe-container a { + color: #aaa; + text-decoration: none; +} + +.globe-container a:hover { + text-decoration: underline; +} + +.globe-campaigns { + width: 270px; + position: absolute; + left: 10px; + top: 125px; + background-color: rgba(0, 0, 0, 0.2); + border-top: 1px solid rgba(255, 255, 255, 0.4); + padding: 10px; +} + +.globe-time { + width: 400px; + position: absolute; + left: 10px; + top: 180px; + background-color: rgba(0, 0, 0, 0.2); + border-top: 1px solid rgba(255, 255, 255, 0.4); + padding: 5px; +} + +.globe-facts { + width: 300px; + position: absolute; + left: 10px; + bottom: 0px; + background-color: rgba(0, 0, 0, 0.2); + border-top: 1px solid rgba(255, 255, 255, 0.4); + border-right: 1px solid rgba(255, 255, 255, 0.4); + padding: 10px; + font-size: 12px; + color: rgba(255, 255, 255, 0.9); + display: none; +} + +.globe-campaigns .campaign{ + font-size: 12px; + line-height: 26px; + height: 30px; + text-align: center; + float: left; + width: 60px; + color: rgba(255, 255, 255, 0.4); + cursor: pointer; + transition: all 0.1s ease-out; +} + +.globe-time 
.time{ + font-size: 12px; + line-height: 26px; + height: 30px; + text-align: center; + float: left; + width: 90px; + color: rgba(255, 255, 255, 0.4); + cursor: pointer; + transition: all 0.1s ease-out; +} + +.globe-campaigns .campaign:hover, +.globe-campaigns .campaign.active, +.globe-time .time:hover, +.globe-time .time.active { + font-size: 14px; + color: #fff; +} + /*menu styling*/ #nav-main { text-align: left; @@ -365,7 +629,7 @@ circle:hover{ #nav-main li span { border-color: #3a3c46; color: #fff; - padding: 8px 10px 10px 10px; + padding: 20px 10px 10px 10px; height: 25px; display: block; border-style: solid; @@ -415,7 +679,7 @@ circle:hover{ transition-timing-function: linear; transition-delay: 0s; transition-property: #6363CE, box-shadow, border-right; - padding-bottom: 30px; + padding-bottom: 20px; outline: 0px none; } @@ -500,7 +764,6 @@ circle:hover{ #nav-main ul li.current ul li a:focus, #nav-main ul li.current ul li a:active, .js #nav-main ul li.current ul li a:focus { - background: rgb(227,235,244); background: rgba(41,48,54,0.2); box-shadow: inset rgba(41,48,54,0.3) 0 2px 0px, diff --git a/meteor/imports/themes/light/mozdef.css b/meteor/imports/themes/light/mozdef.css index c8cfd8aa5..a75cc751d 100644 --- a/meteor/imports/themes/light/mozdef.css +++ b/meteor/imports/themes/light/mozdef.css @@ -5,10 +5,10 @@ file, You can obtain one at http://mozilla.org/MPL/2.0/. Copyright (c) 2014 Mozilla Corporation */ -/* variables */ +/* light theme variables */ :root { - --bg-primary-color: rgba(255,255,255,.5); - --bg-secondary-color: #444444; + --bg-primary-color: rgba(230, 227, 227, 0.5); + --bg-secondary-color: #707070; --txt-primary-color: #000; --txt-secondary-color: #fff; --txt-shadow-color: #aaa; @@ -61,6 +61,8 @@ caption, legend { display: flex; align-items: center; justify-content: center; + width: 1200px; + padding-bottom: 30px; } #header a.mozilla { 
@@ -72,6 +74,27 @@ caption, legend { overflow: visible; } +/* Home Page Styling */ +.welcome { + height: 180px; + width: 600px; + margin-left: 25%; + text-align: center; + color: var(--txt-primary-color); + vertical-align: middle; +} + +.mozdeflogo{ + width: 500px; + vertical-align: middle; +} + +/* dc-chart empty color */ +.dc-chart .empty-chart .pie-slice path { + fill: #bcb8b8; + cursor: default; +} + #bottom-toolbar { background: var(--bg-secondary-color); width: 100%; @@ -138,12 +161,12 @@ caption, legend { color: rgba(127,255,255,0.75); } -.attackercallout .blockip{ +.attackercallout .blockip { color: var(--txt-primary-color);; text-transform: uppercase; margin-top: 20px; } -.attackercallout ul{ +.attackercallout ul { list-style: none; float: left; left: auto; @@ -151,14 +174,14 @@ caption, legend { padding: 0px; } -.attackercallout .indicator{ +.attackercallout .indicator { color: yellow; } -.attackercallout a{ +.attackercallout a { color: yellow; } -.veris-wrapper td{ +.veris-wrapper td { color: black } @@ -196,7 +219,7 @@ caption, legend { font-weight: bold; } -.alert-row a{ +.alert-row a { color: var(--a-link-color); } @@ -268,6 +291,11 @@ input[type="search"] { float: none; } +.dc-chart .empty-chart .pie-slice path { + fill: #e3e3e3; + cursor: default; +} + .table-striped tbody > tr:nth-child(odd) > td, .table-striped tbody > tr:nth-child(odd) > th { background-color: var(--row-color-odd); 
@@ -278,29 +306,44 @@ input[type="search"] { background-color: var(--txt-highlight-color); } -td{ +td { color: var(--txt-primary-color); } .welcome { + height: 180px; + width: 600px; + margin-left: 25%; text-align: center; + color: var(--txt-primary-color); + vertical-align: middle; +} + +.mozdeflogo{ + width: 500px; + vertical-align: middle; } -.tabcontent{ +.tabcontent { margin-top: 20px; } -.tabnav a{ +.tabnav a { color: lightblue; } /* don't float the 'create account' link*/ -#login-buttons #signup-link{ +#login-buttons #signup-link { float: none; } +#login-buttons { + line-height: 1; + padding-top: 15px; +} + /* d3 circle styles */ -.successcircle{ +.successcircle { /* fill: rgb(217,206,178); @@ -310,7 +353,7 @@ td{ fill: rgba(0,255,0,.5); } -.failurecircle{ +.failurecircle { /*fill: rgb(213,222,217);*/ /*fill: #BD2C00;*/ /*fill: #f93;*/ @@ -318,7 +361,7 @@ td{ fill: rgba(255,0,0,.5); } -circle:hover{ +circle:hover { fill: white; } @@ -327,7 +370,7 @@ circle:hover{ stroke-width: 1.5px; } -.textlabel{ +.textlabel { stroke-width: .2px; stroke: black; } @@ -342,19 +385,12 @@ circle:hover{ display: none; } -#header a.mozdef{ - color: var(--txt-primary-color); - text-shadow: var(--txt-shadow-color) 3px 2px 2px; - text-align: center; - font-size: large; - margin-top: -.25em; -} - -.mozillalogo{ - width: 90px; +.mozillalogo { + width: 300px; + padding-top: 15px; } -#header label{ +#header label { display: inherit; cursor: auto; margin:.5em; @@ -362,14 +398,13 @@ circle:hover{ /* attacker side nav pull out styling */ /* http://www.sitepoint.com/css3-sliding-menu/ */ -sidenav -{ +sidenav { position: fixed; left: -25em; top: 0; bottom: 0; background-color: var(--bg-secondary-color); - border-right: 15px solid #765; + border-right: 15px solid #6d5e5e; box-shadow: 4px 0 5px rgba(0,0,0,0.2); z-index: 1; @@ -383,8 +418,7 @@ sidenav } /*pull out triangle */ -sidenav:after -{ +sidenav:after { position: absolute; content: ' '; width: 0; 
@@ -393,23 +427,21 @@ sidenav:after top: 50%; border-width: 30px 30px; border-style: solid; - border-color: transparent transparent transparent #765; + border-color: transparent transparent transparent #6d5e5e; } -sidenav ul -{ +sidenav ul { width: 14em; list-style-type: none; margin: auto; padding: 1em; } -sidenav div{ +sidenav div { margin:auto; } -sidenav:hover -{ +sidenav:hover { left: 0; } @@ -423,8 +455,7 @@ sidenav .reset-filter { margin-top: 20px; } -sidenav -{ +sidenav { -webkit-transition: all 400ms ease; -moz-transition: all 400ms ease; -ms-transition: all 400ms ease; @@ -434,7 +465,7 @@ sidenav /*veris tag styling*/ -.veristagform{ +.veristagform { padding: 10px; font-size: 95%; background: #999; @@ -444,7 +475,7 @@ sidenav .veristagform .dropdown { margin: 10px 0; } -.tag{ +.tag { cursor: pointer; text-align: left; word-wrap: break-word; @@ -453,7 +484,7 @@ sidenav cursor: pointer; color: var(--txt-primary-color); } -.veristagform .label{ +.veristagform .label { cursor: pointer; } @@ -487,7 +518,7 @@ sidenav width: 270px; position: absolute; left: 10px; - top: 63px; + top: 125px; background-color: rgba(0, 0, 0, 0.2); border-top: 1px solid rgba(255, 255, 255, 0.4); padding: 10px; @@ -497,10 +528,10 @@ sidenav width: 400px; position: absolute; left: 10px; - top: 103px; + top: 180px; background-color: rgba(0, 0, 0, 0.2); border-top: 1px solid rgba(255, 255, 255, 0.4); - padding: 10px; + padding: 5px; } .globe-facts { @@ -582,12 +613,11 @@ sidenav #nav-main li a:visited, #nav-main li span { color:#000; - padding: 8px 10px 10px 10px; + padding: 20px 10px 10px 10px; height: 25px; display: block; - border-style: solid; + border-style: none; border-width: 0px 1px; - z-index: 100; position:relative; float:left; border-image: none; 
@@ -608,6 +638,17 @@ sidenav /* Second-level Menu Items */ +#nav-main li:hover ul, +.js #nav-main li.hover ul { + margin-top: 2.5em; + left: 0; + opacity: 1; + -moz-transition: opacity 0.2s ease-in-out; + -webkit-transition: opacity 0.2s ease-in-out; + -o-transition: opacity 0.2s ease-in-out; + transition: opacity 0.2s ease-in-out; +} + #nav-main ul ul, #nav-main ul ul li { height: auto; @@ -625,10 +666,8 @@ sidenav z-index: 99; width: 190px; border-radius: 0px 4px 4px; - border: 1px solid #3a3c46; - background: #000; - background: rgba(0,0,0,0.9); - + border: none; + background: rgb(73, 70, 70); } #nav-main ul ul li { @@ -641,7 +680,7 @@ sidenav #nav-main ul ul a:link, #nav-main ul ul a:visited { overflow: hidden; - color: #fff; + color: #000; padding: 3px 10px; margin: 0px; height: auto; 
@@ -656,11 +695,65 @@ sidenav #nav-main ul ul a:hover, #nav-main ul ul a:focus, #nav-main ul ul a:active { - color: #fff; + color: var(--txt-secondary-color); background: rgb(227,235,244); background: rgba(241,248,254,0.2); } +/* Currently active menu items */ +#nav-main ul li.current span, +#nav-main ul li.current a, +#nav-main ul li.current a:link, +#nav-main ul li.current a:visited { + border-bottom-width: 1px; + -moz-border-radius: 0 0 4px 4px; + -webkit-border-radius: 0 0 4px 4px; + border-radius: 0 0 4px 4px; + background: #fbfdff; + background: -moz-linear-gradient(top, rgba(255,255,255,0.4) 0%, + rgba(255,255,255,0.8) 100%); + box-shadow: + rgba(152,178,201,0.2) 0 0px 0px, + inset rgba(152,178,201,0.3) 0 -2px 0, + inset rgba(255,255,255,0.8) 0 -6px 6px 4px; + -moz-box-shadow: + rgba(152,178,201,0.2) 0 0px 0px, + inset rgba(152,178,201,0.3) 0 -2px 0, + inset rgba(255,255,255,0.8) 0 -6px 6px 4px; + -webkit-box-shadow: + rgba(152,178,201,0.2) 0 0px 0px, + inset rgba(152,178,201,0.3) 0 -2px 0, + inset rgba(255,255,255,0.8) 0 -6px 6px 4px; + padding-right: 30px; + padding-bottom: 15px; +} + +#nav-main ul li.current:hover a, +#nav-main ul li.current.hover a, +#nav-main ul li.current a:hover, +#nav-main ul li.current a:focus, +#nav-main ul li.current a:active, +.js #nav-main ul li.current a:focus { + box-shadow: none; + -moz-box-shadow: none; + -webbkit-box-shadow: none; + -webkit-border-radius: 0; + -moz-border-radius: 0; + border-radius: 0; + border-bottom: 0; +} + +#nav-main ul li.current ul span, +#nav-main ul li.current ul a, +#nav-main ul li.current ul a:link, +#nav-main ul li.current ul a:visited { + background: none; + height: auto; + box-shadow: none; + -webkit-box-shadow: none; + -moz-box-shadow: none; + padding: 8px 10px; +} .mousepointer { diff --git a/meteor/imports/themes/side_nav_dark/menu.js b/meteor/imports/themes/side_nav_dark/menu.js new file mode 100644 index 000000000..bb3b80d72 --- /dev/null +++ b/meteor/imports/themes/side_nav_dark/menu.js 
@@ -0,0 +1,37 @@
+import { Meteor } from 'meteor/meteor';
+import { Template } from 'meteor/templating';
+import { Tracker } from 'meteor/tracker'
+
+Template.side_nav_menu.rendered = function() {
+ Tracker.autorun( function() {
+ Meteor.subscribe( "features" );
+ } );
+};
+
+Template.side_nav_menu.helpers( {
+ haveFeatures: function() {
+ //subscription has records?
+ return features.find().count() > 0;
+ },
+ resolveKibanaURL: function( url ) {
+ // special function just for the menu
+ // to adjust the kibana URL if we are told to make it 'relative'
+ // to whatever DNS name we are running on
+ // i.e. pass in http://relative:9090/app/kibana
+ // when the running dns is something.com
+ // and we will set the hostname to something.com instead of 'relative'
+ var kibanaURL = new URL( url );
+ if ( kibanaURL.hostname == 'relative' ) {
+ // we were passed something like OPTIONS_METEOR_KIBANAURL=http://relative:9090/app/kibana
+ // so lets figure out where we should be
+ dnsURL = new URL( document.URL );
+ kibanaURL.hostname = dnsURL.hostname;
+ }
+ return kibanaURL;
+ },
+ // loads kibana dashboards
+ kibanadashboards: function() {
+ Meteor.call( 'loadKibanaDashboards' );
+ return kibanadashboards.find();
+ }
+} );
diff --git a/meteor/imports/themes/side_nav_dark/mozdef.css b/meteor/imports/themes/side_nav_dark/mozdef.css
new file mode 100644
index 000000000..39c48f279
--- /dev/null
+++ b/meteor/imports/themes/side_nav_dark/mozdef.css
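Review bot: `dnsURL` in `resolveKibanaURL` is assigned without a declaration, which creates an implicit global and throws a ReferenceError if this module is evaluated in strict mode; declare it locally, `var dnsURL = new URL( document.URL );`. `new URL( url )` also throws on an empty or malformed setting, so the helper should guard that case rather than break the menu render. The `kibanadashboards` helper issues `Meteor.call( 'loadKibanaDashboards' )` each time it is evaluated; moving the call to the template's creation callback would keep the helper free of side effects.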
@@ -0,0 +1,917 @@ +@import url('https://fonts.googleapis.com/css?family=Zilla+Slab+Highlight'); +@import url('https://fonts.googleapis.com/css?family=Zilla+Slab'); +@import url('https://netdna.bootstrapcdn.com/font-awesome/4.0.3/css/font-awesome.css'); +/* +This Source Code Form is subject to the terms of the Mozilla Public +License, v. 2.0. If a copy of the MPL was not distributed with this +file, You can obtain one at http://mozilla.org/MPL/2.0/. +Copyright (c) 2014 Mozilla Corporation +*/ + +/*side-nav-dark css */ + +:root { + --primary-bg-color: #2a2f35; + --secondary-focus-color: #3b89ee; + --secondary-color: #2d5fa0; + --row-color-odd: #2a2f35; + --row-color-even: #636c85; + --ack-edit-color: #a2a9b2; + --ack-edit-border-color: #adadad; + --ack-edit-focus-color: #557750; + --ack-edit-disabled-color: #557750; + --arm-color: #e69006; + --arm-focus-color: #d58512; + --font-main: #fff; + --font-focus: #000; + --a-link-color: #a2a9b2; +} + +html{ + background: none; + min-height: 100%; +} + +body{ + /*gradient*/ + + background: rgb(42, 47, 53); /* Old browsers */ + background: -moz-radial-gradient(ellipse, rgb(99, 108, 118) 0%, rgb(42, 47, 53) 100%); /* FF3.6+ */ + background: -webkit-radial-gradient(ellipse, rgb(99, 108, 118) 0%, rgb(42, 47, 53) 100%); /* Chrome10+,Safari5.1+ */ + background: -o-radial-gradient(ellipse, rgba(99, 108, 118, 1) 0%, rgb(42, 47, 53) 100%); /* Opera 11.10+ */ + background: radial-gradient(ellipse, rgb(99, 108, 118) 0%, rgb(42, 47, 53) 100%); /* W3C */ + filter: progid:DXImageTransform.Microsoft.gradient(startColorstr="#636c76",endColorstr="#2a2f35",GradientType=1); /* IE6-9 fallback on horizontal gradient */ + + font-size: 14px; + /*margin: 0;*/ + /*min-width: 990px;*/ + padding: 0; + color: var(--font-main); + line-height: normal; + text-align: left; +} + +.container { + margin-top: 1%; +} + +/*mozdef custom */ +.upperwhite { + color: var(--font-main); + text-transform: uppercase; +} + +caption, legend { + color: var(--font-main); +} 
+ +.shadow { + text-shadow: #000 .7px .7px .7px; +} + +.ipaddress { + color: var(--font-main); + font-style: normal; + font-weight: normal; + +} + +.headercontainer { + display: flex; + align-items: center; + justify-content: center; +} + +#header a.mozilla { + position: relative; + float: right; + display: block; + height: 40px; + width: 100px; + overflow: visible; +} + +#bottom-toolbar { + background: #636c76; + width: 100%; + height: 40px; + padding-left: 5px; + padding-top: 5px; + position: fixed; + bottom: 0; + opacity: .3; + z-index: 2; + font-size: 13px; + color: var(--font-main); +} + +#bottom-toolbar:hover { + opacity: 1; +} + +#bottom-toolbar .button { + margin: 3px 3px 3px 0; + padding: 2px 3px 2px 5px; + height: 13px; + line-height: 13px; +} + + +.attackshoverboard { + /*width: 500px;*/ + /*height: 500px;*/ + /*background-color: green;*/ + -moz-transform: scaleY(-1); + -webkit-transform: scaleY(-1); + -o-transform: scaleY(-1); + transform: scaleY(-1); + display: none; +} + +.dropdown-submenu{position:relative;} +.dropdown-submenu>.dropdown-menu{top:0;left:100%;-webkit-border-radius:0 6px 6px 6px;-moz-border-radius:0 6px 6px 6px;border-radius:0 6px 6px 6px;} +.dropdown-submenu:active>.dropdown-menu, .dropdown-submenu:hover>.dropdown-menu { + display: block; + right:162px; +} +.dropdown-submenu>a:after{display:block;content:" ";float:right;width:0;height:0;border-color:transparent;border-style:solid;border-width:5px 0 5px 5px;border-left-color:#cccccc;margin-top:5px;margin-right:-10px;} +.dropdown-submenu:active>a:after{border-left-color:#ffffff;} +.dropdown-submenu.pull-left{float:none;}.dropdown-submenu.pull-left>.dropdown-menu{left:-100%;margin-left:10px;-webkit-border-radius:6px 0 6px 6px;-moz-border-radius:6px 0 6px 6px;border-radius:6px 0 6px 6px;} + + + +.attackercallout { + width: 120px; + height: 160px; + box-shadow: 0px 0px 12px rgba(0,255,255,0.5); + opacity: .5; + background: black; + border: 1px solid rgba(127,255,255,0.25); + text-align: 
center; + cursor: default; + z-index: 99; +} + + + +.attackercallout .id { + font-size: 12px; + color: rgba(127,255,255,0.75); +} + +.attackercallout .details { + text-align: left; + left: 2px; + font-size: 12px; + color: rgba(127,255,255,0.75); +} + +.attackercallout .blockip{ + color: #FFF; + text-transform: uppercase; + margin-top: 20px; +} +.attackercallout ul{ + list-style: none; + float: left; + left: auto; + margin: 0px; + padding: 0px; +} + +.attackercallout .indicator{ + color: yellow; +} +.attackercallout a{ + color: yellow; +} + +.veris-wrapper td{ + color: black +} + +.veris-wrapper { + background-color: rgba(245,245,245,.7) +} + +/*alerts screen alert color scheme*/ +.alert.alert-NOTICE { + --alert-bg-color: #4a6785; + --alert-color: white; +} +.alert.alert-WARNING { + --alert-bg-color: #ffd351; + --alert-color: black; +} +.alert.alert-CRITICAL { + --alert-bg-color: #d04437; + --alert-color: white; +} +.alert.alert-INFO { + --alert-bg-color: #cccccc; + --alert-color: black; +} +.alert.alert-ERROR { + --alert-bg-color: #d04437; + --alert-color: white; +} + +.alert { + color: var(--alert-color); + background-color: var(--alert-bg-color); + text-transform: uppercase; + display: table-cell; + font-weight: bold; +} + +.alert-row a{ + color: var(--a-link-color); +} + +.row { + color: white; +} + +.modal-body .row { + color: black; +} +/*bootstrap overrides*/ + +.btn { + border: 1px outset; + border-radius: 4px; + color: var(--font-main); + background-color: var(--arm-color); +} + +.btn-warning.active, +.btn-warning:active, +.btn-warning:hover, +.open > .dropdown-toggle.btn-warning { + color: var(--font-focus); + background-color: var(--arm-focus-color); + border-color: var(--arm-color); +} + +.btn-notice { + border: 1px outset; + border-radius: 4px; + color: var(--font-focus); + background-color: var(--ack-edit-color); +} + +.btn-notice.active, +.btn-notice:active, +.btn-notice:hover, +.open > .dropdown-toggle.btn-notice { + color: var(--font-main); + 
background-color: var(--ack-edit-focus-color); + border-color: var(--ack-edit-border-color); +} + +.btn-notice:disabled, button[disabled] { + color: var(--font-main); + background-color: var(--ack-edit-disabled-color); + border-color: var(--ack-edit-border-color); +} + +.btn-generic { + border: 1px outset; + border-radius: 4px; + color: var(--font-focus); + background-color: var(--ack-edit-color); +} + +.btn-generic:focus { + color: var(--font-main); + background-color: #286090; + border-color: #204d74; +} + +.btn-generic.active, +.btn-generic:active, +.btn-genric:hover, +.open > .dropdown-toggle.btn-generic { + color: var(--font-focus); + background-color: var(--ack-edit-focus-color); + border-color: var(--ack-edit-border-color); +} + +.btn-primary { + height: 30px; +} + +input[type="search"] { + border-radius: 15px; +} + +[class*="span"].centerspan { + margin: 0 auto; + float: none; +} + +.center { + margin: 0 auto; + float: none; +} + +.table-striped tbody > tr:nth-child(odd) > td, +.table-striped tbody > tr:nth-child(odd) > th { + background-color: var(--row-color-odd); +} + +.table-striped > tbody > tr:nth-of-type(2n+1) { + background-color: var(--row-color-even); +} + +.table-hover tbody tr:hover > td, +.table-hover tbody tr:hover > th, +.table-hover > tbody > tr:hover { + background-color: #9a9ea5; + color: var(--font-focus); +} + +td{ + color: var(--font-main); +} + +.welcome { + background: none; + height: 180px; + width: 600px; + margin-left: 25%; + text-align: center; + color: var(--font-focus); + border: none; + vertical-align: middle; +} + +.mozdeflogo{ + width: 500px; +} + +.tabcontent{ + margin-top: 20px; +} + +.tabnav a{ + color: #5f6e81; +} + +/* uncomment this login ui css to hide the local account/password signup options +.logins-wrapper .svgtextlabel { + font-size: 20px; + color: white; +} + +.loginButtons { + text-align: right; + color:white; +} + +.login-password-form{ + display:none; +} + +.or { + display: none; +} +*/ +/* don't float the 
'create account' link*/ +#login-buttons #signup-link{ + float: none; +} + +/* d3 circle styles */ +.successcircle{ + /* + fill: rgb(217,206,178); + + fill: rgb(60,179,113); + */ + /*fill: rgba(0,150,221,.8);*/ + fill: rgba(0,255,0,.5); +} + +.failurecircle{ + /*fill: rgb(213,222,217);*/ + /*fill: #BD2C00;*/ + /*fill: #f93;*/ + /*fill: rgba(193, 56, 50, .8);*/ + fill: rgba(255,0,0,.5); +} + +circle:hover{ + fill: var(--font-main); +} + +.node { + stroke: var(--font-focus); + stroke-width: 1.5px; +} + +.textlabel{ + stroke-width: .2px; + stroke: var(--font-focus); +} + +.vtagholders { + padding-left: 1px; + padding-right: 0px; +} + +#header:after { + content: ""; + display: none; +} + +.mozillalogo{ + width: 90px; +} + +#header label{ + display: inherit; + cursor: auto; + margin:.5em; +} + +.mousepointer { + cursor: pointer; +} + +.fa-xs { + font-size: .75em; +} + +/* Attackers sidenav menu */ +sidenav { + background: var(--primary-bg-color); + border-left: 15px solid var(--secondary-color); + text-align: left; + font-weight: bolder; + position: fixed; + top: 0; + bottom: 0; + height: 100%; + right: -29em; + margin: 0em; + padding-top: 1em; + display: inline-block; + line-height: normal; + -webkit-transform: translateZ(0) scale(1, 1); + z-index: 3; + -webkit-transition: all 400ms ease; + -moz-transition: all 400ms ease; + -ms-transition: all 400ms ease; + -o-transition: all 400ms ease; + transition: all 400ms ease; +} + +/*pull out triangle*/ +sidenav:after { + position: absolute; + content: ' '; + width: 0; + height: 0; + right: 405px; + top: 45%; + border-top: 45px solid transparent; + border-bottom: 45px solid transparent; + border-right: 45px solid var(--secondary-color); +} +sidenav ul { + width: 14em; + list-style-type: none; + margin: auto; + padding: 1em; +} +sidenav div{ + margin:auto; +} +sidenav:hover { + right: 0; + width: 405px; +} +sidenav .filters-col .row { + margin-top: 45px; + padding: 0 0.5em; +} +sidenav .reset-filter { + text-align: center; + 
margin-top: 20px; +} +.form-horizontal .form-group { + margin-left: 5px; + margin-right: 5px; + padding-top: 5px; +} + +@media screen and (max-width: 1000px) { + sidenav { + background: var(--primary-bg-color); + border-left: 15px solid var(--secondary-color); + text-align: left; + font-weight: bolder; + position: fixed; + top: 0; + bottom: 0; + height: 100%; + right: -16em; + margin: 0em; + padding-top: 1em; + display: inline-block; + line-height: normal; + -webkit-transform: translateZ(0) scale(1, 1); + z-index: 3; + -webkit-transition: all 400ms ease; + -moz-transition: all 400ms ease; + -ms-transition: all 400ms ease; + -o-transition: all 400ms ease; + transition: all 400ms ease; + } + sidenav:after { + right: 230px; + border-top: 0; + border-bottom: 0; + border-right: 0; + content: none; + } + sidenav ul { + width: 14em; + list-style-type: none; + margin: auto; + padding: 1em; + } + sidenav div{ + margin:auto; + } + sidenav:hover { + right: 0; + width: 230px; + overflow-y: scroll; + scrollbar-width: inherit; + scrollbar-color: var(--secondary-color) black; + } + sidenav .filters-col .row { + margin-top: 25px; + padding: 0 1.5em; + } + sidenav .reset-filter { + text-align: center; + margin-top: 20px; + } + div.dc-chart { + float: none; + } +} + +.fa-lg { + position: relative; + display: table-cell; + width: 60px; + height: 36px; + text-align: center; + vertical-align: middle; + font-size: 1.33333em; +} + +/* globe styling */ +.globe-container { + background: #000000; + color: #ffffff; +} + +.globe-info { + font-size: 11px; + position: absolute; + bottom: 5px; + background-color: rgba(0, 0, 0, 0.8); + border-radius: 3px; + right: 10px; + padding: 10px; + color: var(--txt-secondary-color); +} + +.globe-container a { + color: #aaa; + text-decoration: none; +} + +.globe-container a:hover { + text-decoration: underline; +} + +.globe-campaigns { + width: 270px; + position: absolute; + right: 280px; + top: 63px; + background-color: rgba(0, 0, 0, 0.2); + border-top: 
1px solid rgba(255, 255, 255, 0.4); + padding: 10px; +} + +.globe-time { + width: 400px; + position: absolute; + right: 150px; + top: 103px; + background-color: rgba(0, 0, 0, 0.2); + border-top: 1px solid rgba(255, 255, 255, 0.4); + padding: 10px; +} + +.globe-facts { + width: 300px; + position: absolute; + left: 10px; + bottom: 0px; + background-color: rgba(0, 0, 0, 0.2); + border-top: 1px solid rgba(255, 255, 255, 0.4); + border-right: 1px solid rgba(255, 255, 255, 0.4); + padding: 10px; + font-size: 12px; + color: rgba(255, 255, 255, 0.9); + display: none; +} + +.globe-campaigns .campaign{ + font-size: 12px; + line-height: 26px; + height: 30px; + text-align: center; + float: left; + width: 60px; + color: rgba(255, 255, 255, 0.4); + cursor: pointer; + transition: all 0.1s ease-out; +} + +.globe-time .time{ + font-size: 12px; + line-height: 26px; + height: 30px; + text-align: center; + float: left; + width: 90px; + color: rgba(255, 255, 255, 0.4); + cursor: pointer; + transition: all 0.1s ease-out; +} + +.globe-campaigns .campaign:hover, +.globe-campaigns .campaign.active, +.globe-time .time:hover, +.globe-time .time.active { + font-size: 14px; + color: #fff; +} + +.moz { + position: relative; + display: table-cell; + width: 60px; + height: 36px; + text-align: center; + vertical-align: middle; + font-size: 20px; +} + +.main-menu:hover, +nav.main-menu.expanded { + width: 225px; + overflow: visible; +} + +.main-menu { + background: var(--primary-bg-color); + border-right: 1px solid var(--secondary-color); + position: fixed; + top: 0; + bottom: 0; + height: 100%; + left: 0; + width: 60px; + overflow: hidden; + -webkit-transition: width .05s linear; + transition: width .05s linear; + -webkit-transform: translateZ(0) scale(1, 1); + z-index: 1000; +} + +.main-menu>ul { + margin: 7px 0; +} + +.main-menu li { + position: relative; + display: block; + width: 225px; +} + +.main-menu li:hover>a, +nav.main-menu li.active>a, +.dropdown-menu>li>a:hover, 
+.dropdown-menu>li>a:focus, +.dropdown-menu>.active>a, +.dropdown-menu>.active>a:hover, +.dropdown-menu>.active>a:focus, +.no-touch .dashboard-page nav.dashboard-menu ul li:hover a, +.dashboard-page nav.dashboard-menu ul li.active a { + color: rgb(0, 0, 0); + text-decoration: none; + background-color: var(--secondary-focus-color); +} + +.main-menu li ul, +.main-menu li ul li ul { + position: absolute; + height: auto; + min-width: 120px; + margin: 0; + background: var(--primary-bg-color); + opacity: 0; + visibility: hidden; + transition: all 300ms linear; + -o-transition: all 300ms linear; + -ms-transition: all 300ms linear; + -moz-transition: all 300ms linear; + -webkit-transition: all 300ms linear; + /*top: 130px;*/ + z-index: 1000; + /* == */ + left:200px; + top: 0px; + border-left: 5px solid var(--secondary-focus-color); + /* == */ +} + +.main-menu li ul:before { + content: ""; + position: absolute; + /*top: -8px; + left: 23%; + border-bottom: 5px solid #97b4b4; + border-left: 5px solid transparent; + border-right: 5px solid transparent;*/ + /* == */ + top: 10px; + left: -9px; + border-right: 5px solid var(--secondary-focus-color); + border-bottom: 5px solid transparent; + border-top: 5px solid transparent; + /* == */ +} + +.main-menu li:hover > ul, +.main-menu li ul li:hover > .main-menu li ul li { + display: block; + opacity: 1; + visibility: visible; + padding: 5px; + /*top: 100px;*/ + /* == */ + left:228px; + text-decoration: none; + /* == */ +} + +/*.main-menu li ul li { + float: none; +}*/ + +.main-menu li ul li a { + padding: 10px; + text-align: left; + border: 0; + border-bottom: 1px solid #EEE; + /* == */ + height: auto; + /* == */ +} + +.main-menu li ul li a i { + font-size: 16px; + display: inline-block; + margin: 0 10px 0 0; +} + +.main-menu li ul li ul { + left: 200px; + top: 0; + border: 0; + border-left: 4px solid var(--secondary-color); +} + +.main-menu li ul li ul:before { + content: ""; + position: absolute; + top: 15px; + /*left: -14px;*/ + /* 
== */ + left: -9px; + /* == */ + border-right: 5px solid var(--secondary-color); + border-bottom: 5px solid transparent; + border-top: 5px solid transparent; +} + +.main-menu li ul li:hover > ul { + top: 0px; + left: 200px; +} + +.main-menu li>a { + position: relative; + display: table; + border-collapse: collapse; + border-spacing: 0; + color: rgb(255, 255, 255); + font-family: "Zilla Slab",sans-serif; + font-size: 14px; + text-decoration: none; + -webkit-transform: translateZ(0) scale(1, 1); + -webkit-transition: all .1s linear; + transition: all .5s linear; +} + +.main-menu .nav-icon { + position: relative; + display: table-cell; + width: 60px; + height: 36px; + text-align: center; + vertical-align: middle; + font-size: 20px; +} + +.main-menu .nav-text { + position: relative; + display: table-cell; + vertical-align: middle; + width: 163px; + font-family: 'Zilla Slab', serif; +} + +.main-menu>ul.logout { + position: absolute; + left: 0; + bottom: 0; +} + +.no-touch .scrollable.hover { + overflow-y: hidden; +} + +.no-touch .scrollable.hover:hover { + overflow-y: auto; + overflow: visible; +} + +a:hover, +a:focus { + text-decoration: none; +} + +nav { + -webkit-user-select: none; + -moz-user-select: none; + -ms-user-select: none; + -o-user-select: none; + user-select: none; +} + +nav ul, +nav li { + outline: 0; + margin: 0; + padding: 0; +} + +@font-face { + font-family: 'Zilla Slab'; + font-style: normal; + font-weight: 300; + src: local('Zilla Slab'), local('ZillaSlab-Regular'), url(https://fonts.gstatic.com/s/zillaslab/v3/dFa6ZfeM_74wlPZtksIFajQ6_UyI.woff2) format('woff2'); +} + +.Heading { + margin-left: 100px; + margin-top: 0px; + color: #fff; + align-self: center; + font-family: 'Zilla Slab', serif; +} + +h1 { + max-width: 600px; + color: #fff; + min-height: 100%; + background: rgb(0, 0, 0); + font-family: 'Zilla Slab', serif; +} + +div#login-dropdown-list.accounts-dialog { + bottom: -16px; + top: unset; +} 
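Review bot: The three `@import url('https://…')` lines at the top of this new stylesheet, and the `@font-face` rule near the end that loads a woff2 from fonts.gstatic.com, make every analyst session of this console fetch style resources from third-party hosts. Stylesheets pulled in through `@import` cannot carry a Subresource Integrity hash, so the UI's appearance, and anything CSS selectors can observe about the page, depends on those hosts staying trustworthy. Each load may also disclose the console's address to them through the referrer, and the theme degrades on a network without outbound access. Consider vendoring the Zilla Slab fonts and Font Awesome 4.0.3 under `meteor/public/` and importing them from the app's own origin, e.g. `@import url('/<local-path>/font-awesome.css');`, which also lets a `style-src 'self'` / `font-src 'self'` policy stay strict. Separately, `.btn-genric:hover` looks like a typo for `.btn-generic:hover`, and `--txt-secondary-color` (used by `.globe-info`) is not declared in this file's `:root` block.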
diff --git a/meteor/package-lock.json b/meteor/package-lock.json index 3b1c4ab2d..2f59c3e14 100644 --- a/meteor/package-lock.json +++ b/meteor/package-lock.json @@ -464,9 +464,9 @@ } }, "jquery": { - "version": "1.12.3", - "resolved": "https://registry.npmjs.org/jquery/-/jquery-1.12.3.tgz", - "integrity": "sha512-FzM42/Ew+Hb8ha2OlhHRBLgWIZS32gZ0+NvWTf+ZvVvGaIlJkOiXQyb7VBjv4L6fJfmTrRf3EsAmbfsHDhfemw==" + "version": "3.4.0", + "resolved": "https://registry.npmjs.org/jquery/-/jquery-3.4.0.tgz", + "integrity": "sha512-ggRCXln9zEqv6OqAGXFEcshF5dSBvCkzj6Gm2gzuR5fWawaX8t7cxKVkkygKODrDAzKdoYw3l/e3pm3vlT4IbQ==" }, "jquery-ui": { "version": "1.12.1", diff --git a/meteor/package.json b/meteor/package.json index 56227733f..67518731d 100644 --- a/meteor/package.json +++ b/meteor/package.json @@ -11,7 +11,7 @@ "@babel/runtime": "^7.1.2", "bcrypt": "^3.0.1", "dc": "^2.1.10", - "jquery": "^1.12.3", + "jquery": "^3.4.0", "jquery-ui": "^1.12.1", "meteor-node-stubs": "^0.4.1", "pivottable": "^2.22.0", diff --git a/meteor/public/images/logo-elastic-kibana-dk.svg b/meteor/public/images/logo-elastic-kibana-dk.svg new file mode 100644 index 000000000..e37f0649a --- /dev/null +++ b/meteor/public/images/logo-elastic-kibana-dk.svg @@ -0,0 +1 @@ +Kibana White \ No newline at end of file diff --git a/meteor/public/images/moz-logo2.png b/meteor/public/images/moz-logo2.png new file mode 100644 index 000000000..8167faccd Binary files /dev/null and b/meteor/public/images/moz-logo2.png differ diff --git a/meteor/public/images/moz_defense-platform_01.png b/meteor/public/images/moz_defense-platform_01.png new file mode 100755 index 000000000..25c52c913 Binary files /dev/null and b/meteor/public/images/moz_defense-platform_01.png differ diff --git a/meteor/public/images/moz_defense-platform_01_lt.png b/meteor/public/images/moz_defense-platform_01_lt.png new file mode 100644 index 000000000..d3b18bfcf Binary files /dev/null and b/meteor/public/images/moz_defense-platform_01_lt.png differ 
diff --git a/tests/alerts/test_cloudtrail_public_bucket.py b/tests/alerts/test_cloudtrail_public_bucket.py
new file mode 100644
index 000000000..3c8ebebd6
--- /dev/null
+++ b/tests/alerts/test_cloudtrail_public_bucket.py
@@ -0,0 +1,98 @@
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+# Copyright (c) 2017 Mozilla Corporation
+from positive_alert_test_case import PositiveAlertTestCase
+from negative_alert_test_case import NegativeAlertTestCase
+from alert_test_suite import AlertTestSuite
+
+
+class TestCloudtrailPublicBucket(AlertTestSuite):
+ alert_filename = "cloudtrail_public_bucket"
+ alert_classname = "AlertCloudtrailPublicBucket"
+
+ default_event = {
+ "_source": {
+ "source": "cloudtrail",
+ "details": {
+ "requestparameters": {
+ "bucketpolicy": {
+ "version": "2012-10-17",
+ "statement": [{
+ "action": "s3:GetObject",
+ "principal": "*",
+ "resource": "arn:aws:s3:::testbucket/*",
+ "effect": "Allow",
+ "sid": "AllowGetObject"
+ }]
+ },
+ "bucketname": "testbucket"
+ },
+ "eventname": "PutBucketPolicy",
+ },
+ }
+ }
+
+ # This alert is the expected result from running this task
+ default_alert = {
+ "category": "access",
+ "tags": ['cloudtrail'],
+ "severity": "INFO",
+ "summary": 'The s3 bucket testbucket is listed as public',
+ }
+
+ test_cases = []
+
+ test_cases.append(
+ PositiveAlertTestCase(
+ description="Positive test with default events and default alert expected",
+ events=[AlertTestSuite.create_event(default_event)],
+ expected_alert=default_alert
+ )
+ )
+
+ event = AlertTestSuite.create_event(default_event)
+ event['_source']['source'] = 'bad'
+ test_cases.append(
+ NegativeAlertTestCase(
+ description="Negative test case with events with incorrect source",
+ events=[event],
+ )
+ )
+
+ event = AlertTestSuite.create_event(default_event)
+ event['_source']['details']['eventname'] = 'bad'
+ test_cases.append(
+ NegativeAlertTestCase(
+ description="Negative test case with events with incorrect details.eventname",
+ events=[event],
+ )
+ )
+
+ event = AlertTestSuite.create_event(default_event)
+ del(event['_source']['details']['requestparameters']['bucketpolicy']['statement'][0]['principal'])
+ test_cases.append(
+ NegativeAlertTestCase(
+ description="Negative test case with events with missing field",
+ events=[event],
+ )
+ )
+
+ event = AlertTestSuite.create_event(default_event)
+ event['_source']['details']['requestparameters']['bucketpolicy']['statement'][0]['principal'] = 'bad'
+ test_cases.append(
+ NegativeAlertTestCase(
+ description="Negative test case with events with incorrect principal",
+ events=[event],
+ )
+ )
+
+ event = AlertTestSuite.create_event(default_event)
+ event['_source']['utctimestamp'] = AlertTestSuite.subtract_from_timestamp_lambda(date_timedelta={'minutes': 21})
+ event['_source']['receivedtimestamp'] = AlertTestSuite.subtract_from_timestamp_lambda(date_timedelta={'minutes': 21})
+ test_cases.append(
+ NegativeAlertTestCase(
+ description="Negative test case with old timestamp",
+ events=[event],
+ )
+ )
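Review bot: Every case in `test_cases` uses a policy with exactly one statement, so nothing pins how the alert treats a multi-statement policy. That is where the `onEvent` loop in `alerts/cloudtrail_public_bucket.py` (added in this commit) decides the outcome: it returns without alerting as soon as any statement has a principal other than `'*'`. A policy that grants `*` in one statement and a named principal in another would therefore appear to raise no alert, although the bucket is still public. Adding a positive case for that shape documents the intended behaviour and would expose the gap. Cases for a statement with `"effect": "Deny"` and for a principal given as a mapping rather than the bare string `'*'` would be worth adding for the same reason, once the expected outcome for each is agreed.

```python
    # … unchanged: default_event, default_alert and the existing cases …

    # One public statement next to a restricted one: the bucket is still public.
    event = AlertTestSuite.create_event(default_event)
    event['_source']['details']['requestparameters']['bucketpolicy']['statement'].append({
        "action": "s3:PutObject",
        "principal": "constructed-restricted-principal",  # sample value, not a real ARN
        "resource": "arn:aws:s3:::testbucket/*",
        "effect": "Allow",
        "sid": "AllowPutObject"
    })
    test_cases.append(
        PositiveAlertTestCase(
            description="Positive test case with a public statement next to a restricted one",
            events=[event],
            expected_alert=default_alert
        )
    )
```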