Cisco Cisco Firepower Management Center 2000 開発者ガイド
4-70
FireSIGHT eStreamer Integration Guide
Chapter 4 Understanding Discovery & Connection Data Structures
Host Discovery and Connection Data Blocks
The following table describes the fields of the Vulnerability Reference data block:
Port
String Block Type (0)
String Block Type, continued
String Block Length
String Block Length, continued
Protocol Name...
String Block Type (0)
String Block Length
Sub-Server Name...
List Block Type (11)
List Block Length
(Vulnerability ID) Integer Data Block(s) *
Byte
0
1
2
3
Bit
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
Table 4-35
Vulnerability Reference Data Block Fields
Field
Data Type
Description
Vulnerability
Reference Block
Type
Reference Block
Type
uint32
Initiates a Vulnerability Reference data block. This value is always
8
.
Vulnerability
Reference Block
Length
Reference Block
Length
uint32
Number of bytes in the Vulnerability Reference data block,
including eight bytes for the vulnerability reference block type and
length fields, plus the number of bytes of vulnerability reference
data that follows.
including eight bytes for the vulnerability reference block type and
length fields, plus the number of bytes of vulnerability reference
data that follows.
Port
uint16
Port used by the sub-server affected by the listed vulnerabilities.
String Block Type
uint32
Initiates a String data block for the protocol affected by the listed
vulnerabilities. This value is set to
vulnerabilities. This value is set to
0
.
String Block
Length
Length
uint32
Number of bytes in the String data block for the protocol name,
including eight bytes for the string block type and length fields, plus
the number of bytes in the protocol name.
including eight bytes for the string block type and length fields, plus
the number of bytes in the protocol name.
Protocol Name
string
Contains the name of the protocol used by the sub-server affected by
the listed vulnerabilities.
the listed vulnerabilities.
String Block Type
uint32
Initiates a String data block for the sub-server affected by the
vulnerability.
vulnerability.
String Block
Length
Length
uint32
Number of bytes in the String data block containing the sub-server
name, including eight bytes for the String block type and length
fields, plus the number of bytes in the sub-server name.
name, including eight bytes for the String block type and length
fields, plus the number of bytes in the sub-server name.
Sub-Server
string
Contains the name of the sub-server affected by the listed
vulnerabilities.
vulnerabilities.