Cisco Cisco Firepower Management Center 2000 Entwickleranleitung

Version 5.3

Sourcefire 3D System eStreamer Integration Guide

312

Understanding Discovery & Connection Data Structures

Host Discovery and Connection Data Blocks

Chapter 4

Host Server Data Block 4.10.0+

The Host Server data block conveys information about the detected servers on a 

host. It contains a block for each detected server, and also includes a list of web 

application data blocks for the web applications the server is running. Host Server 

data blocks are contained in messages for new and changed TCP and UDP 

servers. For more information, see 

 on page 206. The Host 

Server data block has a block type of 103 in the series 1 group of blocks.

An asterisk(*) next to a data block name in the following diagram 

indicates that multiple instances of the data block may occur.

The following diagram shows the format of the Host Server data block:

Byte

0

1

2

3

Bit

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

Server Block Type (103)

Server Block Length

Port

Hits

Hits, continued

Last Used

Su

b-Server

Information

Last Used, continued

Generic List Block Type (31)

Generic List Block Type, continued

Generic List Block Length

Generic List Block Length, continued

Server Information Block Type (117)*

Confidence

Generic List Block Type (31)

Generic List Block Length

We

b

Appli

cation

Web Application Block Type (123)*

Web Application Block Length

Web Application Data...