Cisco Cisco Firepower Management Center 2000 Guia Do Programador

Version 5.3

Sourcefire 3D System eStreamer Integration Guide

543

Understanding Legacy Data Structures

Legacy Discovery Data Structures

Appendix B

Legacy Scan Result Data Blocks

For more information, see the following sections:

•

Generic Scan Results Data Block for 4.9.1.x and earlier

on page 543

•

Scan Result Data Block for 4.6.1 - 4.9.1.x

on page 545

•

Scan Result Data Block 4.10.0 - 5.1.1.x

on page 548

•

Scan Vulnerability Data Block for 4.9 - 4.9.1.x

on page 551

•

User Product Data Block for 4.10.x, 5.0 - 5.0.x

on page 554

Generic Scan Results Data Block for 4.9.1.x and earlier

The Generic Scan Results data block contains scan results and is used in the

Scan

Result Data Block for 4.6.1 - 4.9.1.x

on page 545. The Generic Scan Results data

block has a block type of 71.
The following diagram shows the basic structure of a Generic Scan Results data

block:

Client

Application ID

uint32

The internal identification number of the detected

client application, if applicable.

String Block

Type

uint32

Initiates a String data block that contains the

client application version. This value is always 0.

String Block

Length

uint32

Number of bytes in the client application version

String data block, including the string block type

and length fields, plus the number of bytes in the

version.

Version

string

Client application version.

User Client Application Data Block Fields (Continued)

IELD

UMBER

YTES

ESCRIPTION

Byte

Bit

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31

Generic Scan Results Data Block Type (71)

Generic Scan Results Block Length

Port

Protocol