Exemplo n.º 1
/*
 * Function: FTPTelnetChecks(void *pkt, void *context)
 *
 * Purpose: Entry point wrapping the generic FTPTelnet processing.  The
 *          packet is validated here and then handed, together with the
 *          global configuration, to the FTPTelnet module.  Its first stage
 *          is Normalization, where most of the Snort-specific handling is
 *          taken care of; the modules after that are generic.
 *
 * Arguments: pkt       => packet to inspect; used as an SFSnortPacket *.
 *            context   => not referenced by this function.
 *
 * Returns: None
 *
 * Note: a packet is forwarded only when it has an IPv4 header, a TCP
 *       header and a non-empty payload.  Everything else returns without
 *       inspection, including any packet whose ip4_header is NULL
 *       (presumably non-IPv4 traffic -- confirm against the decoder), so
 *       such traffic gets no FTP/Telnet coverage from this entry point.
 */
static void FTPTelnetChecks(void *pkt, void *context)
{
    SFSnortPacket *packet = (SFSnortPacket *)pkt;

    /*
     * All four fields must be set before the packet is passed on.  The
     * tests run left to right and stop at the first missing field.
     */
    if (packet->ip4_header && packet->tcp_header &&
        packet->payload && packet->payload_size)
    {
        /* Pass in the configuration and the packet. */
        SnortFTPTelnet(&FTPTelnetGlobalConf, packet);
    }
}
Exemplo n.º 2
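/*
 * Function: FTPTelnetChecks(void *pkt, void *context)
 *
 * Purpose: This function wraps the functionality in the generic FTPTelnet
 *          processing.  We get a packet and pass it into the FTPTelnet
 *          module where the first stage in FTPTelnet is the Normalization
 *          stage where most of the other Snortisms are taken care of.
 *          After that, the modules are generic.
 *
 * Arguments: pkt       => packet to inspect; used as an SFSnortPacket *.
 *            context   => not referenced by this function.
 *
 * Returns: None
 *
 */
void FTPTelnetChecks(void *pkt, void *context)
{
    SFSnortPacket *p = (SFSnortPacket*)pkt;

    // precondition - what we registered for
    assert(IsTCP(p) && p->payload && p->payload_size);

    /*
     * assert() expands to nothing when NDEBUG is defined, so a release
     * build would otherwise hand SnortFTPTelnet() a packet that was never
     * checked.  Repeat the precondition as a runtime guard: a packet that
     * is not TCP or carries no payload is dropped from inspection here
     * instead of being parsed.
     */
    if (!IsTCP(p) || !p->payload || !p->payload_size)
        return;

    SnortFTPTelnet(p);
}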
Exemplo n.º 3
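/*
 * Function: FTPDataTelnetChecks(void *pkt, void *context)
 *
 * Purpose: Dispatch a TCP packet either to the FTP data handler or to the
 *          generic FTPTelnet processing.
 *
 *          When get_max_file_depth() is >= 0 and the session's application
 *          protocol id equals ftp_data_app_id, the packet goes to
 *          SnortFTPData() (profiled under ftpdataPerfStats) and the
 *          function returns.  Otherwise a packet with a non-empty payload
 *          goes to SnortFTPTelnet().
 *
 * Arguments: pkt       => packet to inspect; used as an SFSnortPacket *.
 *            context   => not referenced by this function.
 *
 * Returns: None
 *
 */
void FTPDataTelnetChecks(void *pkt, void *context)
{
    SFSnortPacket *p = (SFSnortPacket*)pkt;

    // precondition - what we registered for
    assert(IsTCP(p));

    /*
     * assert() expands to nothing when NDEBUG is defined; repeat the
     * precondition at runtime so a release build does not look up session
     * state or parse a packet that is not TCP.
     */
    if ( !IsTCP(p) )
        return;

    /* NOTE(review): a negative depth presumably means file processing is
     * disabled -- confirm against the file API. */
    if ( _dpd.fileAPI->get_max_file_depth() >= 0 )
    {
        if ( _dpd.sessionAPI->get_application_protocol_id(p->stream_session)
            == ftp_data_app_id )
        {
            /*
             * The payload check further down is not applied on this path;
             * SnortFTPData() is presumably expected to cope with an empty
             * payload itself -- confirm.
             */
            PROFILE_VARS;
            PREPROC_PROFILE_START(ftpdataPerfStats);
            SnortFTPData(p);
            PREPROC_PROFILE_END(ftpdataPerfStats);
            return;
        }
    }

    /* Nothing to inspect on the control/telnet path without payload bytes. */
    if ( !p->payload_size || (p->payload == NULL) )
        return;

    SnortFTPTelnet(p);
}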