Cisco Cisco Firepower Management Center 4000 Guia Do Programador
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
326
Understanding Discovery & Connection Data Structures
Host Discovery and Connection Data Blocks
Chapter 4
The
Generic Scan Result Data Block Fields
table describes the fields of the
Generic Scan Results data block.
Scan Result Sub-Server
String Block Type (0)
String Block Length
Scan Result Sub-Server (unformatted) String...
Scan Result
Va
lu
e
String Block Type (0)
String Block Length
Scan Result Value...
Generic Scan Result Data Block Fields
F
IELD
N
UMBER
OF
B
YTES
D
ESCRIPTION
Generic Scan
Results Data
Block Type
uint32
Initiates a Generic Scan Results data block. This
value is always 108.
Generic Scan
Results Block
Length
uint32
Total number of bytes in the Generic Scan
Results data block, including eight bytes for the
generic scan results block type and length fields,
plus the number of bytes of scan results data
that follows.
Port
uint16
Port used by the server affected by the
vulnerabilities in the results.
Protocol
uint16
IANA protocol number or Ethertype. This is
handled differently for Transport and Network
layer protocols.
Transport layer protocols are identified by the
Transport layer protocols are identified by the
IANA protocol number. For example:
•
6 — TCP
•
17 — UDP
Network layer protocols are identified by the
decimal form of the IEEE Registration Authority
Ethertype. For example:
•
2048 — IP
String Block
Type
uint32
Initiates a String data block that contains the sub-
server. This value is always 0.