Cisco Cisco Firepower Management Center 2000 Guía Del Desarrollador
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
402
Understanding Host Data Structures
Full Host Profile Data Block 5.3+
Chapter 5
(Third
Party/VDB)
Host
Vulnerability
Data Blocks *
variable
Host Vulnerability data blocks sourced from a
third party scanner and containing information
about host vulnerabilities cataloged in the
Sourcefire vulnerability database (VDB). See
page 293 for a description of this data block.
Generic List
Block Type
uint32
Initiates a Generic List data block comprising
Host Vulnerability data blocks conveying third
party scan vulnerability data. This value is
always 31.
Generic List
Block Length
uint32
Number of bytes in the Generic List data block,
including the list header and all encapsulated
data blocks.
(Third Party
Scan) Host
Vulnerability
Data Blocks *
variable
Host Vulnerability data blocks sourced from a
third party scanner. Note that the host
vulnerability IDs for these data blocks are the
third party scanner IDs, not Sourcefire-detected
IDs. See
page 293 for a description of this data block.
List Block Type
uint32
Initiates a List data block comprising Attribute
Value data blocks conveying attribute data. This
value is always 11.
List Block
Length
uint32
Number of bytes in the List data block, including
the list header and all encapsulated data blocks.
Attribute Value
Data Blocks *
variable
List of Attribute Value data blocks. See
on page 253 for a description
of the data blocks in this list.
Mobile
uint8
A true-false flag indicating whether the
operating system is running on a mobile device.
Jailbroken
uint8
A true-false flag indicating whether the mobile
device operating system is jailbroken.
Generic List
Block Type
uint32
Initiates a Generic List data block comprising
IOC State data blocks.This value is always 31.
Full Host Profile Record 5.3+ Fields (Continued)
F
IELD
D
ATA
T
YPE
D
ESCRIPTION