Cisco Cisco Firepower Management Center 4000 开发者指南
Version 5.3
Sourcefire 3D System eStreamer Integration Guide
338
Understanding Discovery & Connection Data Structures
Host Discovery and Connection Data Blocks
Chapter 4
The
table describes the fields of the User
Vulnerability data block.
User Vulnerability Data Block Fields
F
IELD
D
ATA
T
YPE
D
ESCRIPTION
User
Vulnerability
Block Type
uint32
Initiates a User Vulnerability data block. This
value is always 124.
User
Vulnerability
Block Length
uint32
Number of bytes in the User Vulnerability data
block, including eight bytes for the user
vulnerability block type and length fields, plus
the number of bytes of user vulnerability data
that follows.
Generic List
Block Type
uint32
Initiates a Generic List data block comprising IP
Range Specification data blocks conveying IP
address range data. This value is always 31.
Generic List
Block Length
uint32
Number of bytes in the Generic List data block,
including the list header and all encapsulated IP
Range Specification data blocks.
IP Range
Specification
Data Blocks *
variable
IP address ranges from user input. See
for a description of this data block.
Port
uint16
Port used by the server affected by the
vulnerability. For client application
vulnerabilities, the value is 0.
Protocol
uint16
IANA protocol number or Ethertype for the
protocol used by the server affected by the
vulnerability. This is handled differently for
Transport and Network layer protocols.
Transport layer protocols are identified by the
Transport layer protocols are identified by the
IANA protocol number. For example:
•
6 — TCP
•
17 — UDP
Network layer protocols are identified by the
decimal form of the IEEE Registration Authority
Ethertype. For example:
•
2048 — IP
For client application vulnerabilities, the value is
0
.