Cisco Cisco Firepower Management Center 2000 Entwickleranleitung

The following diagram shows the format of a Mobile Device Information data block. The data block 
contains the last time the host was detected, mobile device information, and whether the mobile device 
is jailbroken. The Mobile Device Information data block has a block type of 131 in the series 1 group of 
blocks.

Fingerprint Source 
Type

uint32

Indicates the type (i.e., user or scanner) of the source that supplied 
the operating system fingerprint.

Fingerprint Source 
ID

uint32

Identification number that maps to the login name of the user that 
supplied the operating system fingerprint.

Last Seen

uint32

Indicates when the fingerprint was last seen in traffic.

TTL Difference

uint8

Indicates the difference between the TTL value in the fingerprint 
and the TTL value seen in the packet used to fingerprint the host.

Generic List Block 
Type

uint32

Initiates a Generic List data block. This value is always 

31

.

Generic List Block 
Length

uint32

Number of bytes in the Generic List block and encapsulated data 
blocks. This number includes the eight bytes of the generic list 
block header fields, plus the number of bytes in all of the 
encapsulated data blocks.

Mobile Device 
Information Data 
Blocks

variable

Encapsulated Mobile Device Information data blocks up to the 
maximum number of bytes in the list block length. See 

description of this data block.

Byte

0

1

2

3

Bit

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

Mobile Device Information Block Type (131)

Mobile Device Information Block Length

Mobile Device 

Data

String Block Type (0)

String Block Length

Mobile Device String Data...

Mobile Device Last Seen

Mobile

Jailbroken