Main Page | Modules | Class List | Directories | File List | Class Members | File Members | Related Pages
src / preprocessors / HttpInspect / include

hi_eo_events.h

Go to the documentation of this file.
00001 #ifndef __HI_EO_EVENTS_H__
00002 #define __HI_EO_EVENTS_H__
00003 
00004 #include "hi_include.h"
00005 
00006 /*
00007 **  Client Events
00008 */
00009 #define HI_EO_CLIENT_ASCII          0   /* done */
00010 #define HI_EO_CLIENT_DOUBLE_DECODE  1   /* done */
00011 #define HI_EO_CLIENT_U_ENCODE       2   /* done */
00012 #define HI_EO_CLIENT_BARE_BYTE      3   /* done */
00013 #define HI_EO_CLIENT_BASE36         4   /* done */
00014 #define HI_EO_CLIENT_UTF_8          5   /* done */
00015 #define HI_EO_CLIENT_IIS_UNICODE    6   /* done */
00016 #define HI_EO_CLIENT_MULTI_SLASH    7   /* done */
00017 #define HI_EO_CLIENT_IIS_BACKSLASH  8   /* done */
00018 #define HI_EO_CLIENT_SELF_DIR_TRAV  9   /* done */
00019 #define HI_EO_CLIENT_DIR_TRAV       10  /* done */
00020 #define HI_EO_CLIENT_APACHE_WS      11  /* done */
00021 #define HI_EO_CLIENT_IIS_DELIMITER  12  /* done */
00022 #define HI_EO_CLIENT_NON_RFC_CHAR   13  /* done */
00023 #define HI_EO_CLIENT_OVERSIZE_DIR   14  /* done */
00024 #define HI_EO_CLIENT_LARGE_CHUNK    15  /* done */
00025 #define HI_EO_CLIENT_PROXY_USE      16  /* done */
00026 #define HI_EO_CLIENT_WEBROOT_DIR    17  /* done */
00027 
00028 /*
00029 **  IMPORTANT:
00030 **  Every time you add a client event, this number must be
00031 **  incremented.
00032 */
00033 #define HI_EO_CLIENT_EVENT_NUM      18
00034 
00035 /*
00036 **  These defines are the alert names for each event
00037 */
00038 #define HI_EO_CLIENT_ASCII_STR                          \
00039     "(http_inspect) ASCII ENCODING"
00040 #define HI_EO_CLIENT_DOUBLE_DECODE_STR                  \
00041     "(http_inspect) DOUBLE DECODING ATTACK"
00042 #define HI_EO_CLIENT_U_ENCODE_STR                       \
00043     "(http_inspect) U ENCODING"
00044 #define HI_EO_CLIENT_BARE_BYTE_STR                      \
00045     "(http_inspect) BARE BYTE UNICODE ENCODING"
00046 #define HI_EO_CLIENT_BASE36_STR                         \
00047     "(http_inspect) BASE36 ENCODING"    
00048 #define HI_EO_CLIENT_UTF_8_STR                          \
00049     "(http_inspect) UTF-8 ENCODING"
00050 #define HI_EO_CLIENT_IIS_UNICODE_STR                    \
00051     "(http_inspect) IIS UNICODE CODEPOINT ENCODING"
00052 #define HI_EO_CLIENT_MULTI_SLASH_STR                    \
00053     "(http_inspect) MULTI_SLASH ENCODING"
00054 #define HI_EO_CLIENT_IIS_BACKSLASH_STR                 \
00055     "(http_inspect) IIS BACKSLASH EVASION"
00056 #define HI_EO_CLIENT_SELF_DIR_TRAV_STR                  \
00057     "(http_inspect) SELF DIRECTORY TRAVERSAL"
00058 #define HI_EO_CLIENT_DIR_TRAV_STR                       \
00059     "(http_inspect) DIRECTORY TRAVERSAL"
00060 #define HI_EO_CLIENT_APACHE_WS_STR                      \
00061     "(http_inspect) APACHE WHITESPACE (TAB)"
00062 #define HI_EO_CLIENT_IIS_DELIMITER_STR                  \
00063     "(http_inspect) NON-RFC HTTP DELIMITER"
00064 #define HI_EO_CLIENT_NON_RFC_CHAR_STR                   \
00065     "(http_inspect) NON-RFC DEFINED CHAR"
00066 #define HI_EO_CLIENT_OVERSIZE_DIR_STR                   \
00067     "(http_inspect) OVERSIZE REQUEST-URI DIRECTORY"
00068 #define HI_EO_CLIENT_LARGE_CHUNK_STR                    \
00069     "(http_inspect) OVERSIZE CHUNK ENCODING"
00070 #define HI_EO_CLIENT_PROXY_USE_STR                      \
00071     "(http_inspect) UNAUTHORIZED PROXY USE DETECTED"
00072 #define HI_EO_CLIENT_WEBROOT_DIR_STR                    \
00073     "(http_inspect) WEBROOT DIRECTORY TRAVERSAL"
00074 
00075 /*
00076 **  Anomalous Server Events
00077 */
00078 #define HI_EO_ANOM_SERVER           0
00079 
00080 #define HI_EO_ANOM_SERVER_EVENT_NUM 1
00081 
00082 #define HI_EO_ANOM_SERVER_STR                           \
00083     "(http_inspect) ANOMALOUS HTTP SERVER ON UNDEFINED HTTP PORT"
00084 
00085 /*
00086 **  Event Priorities
00087 */
00088 #define HI_EO_HIGH_PRIORITY 0
00089 #define HI_EO_MED_PRIORITY  1
00090 #define HI_EO_LOW_PRIORITY  2
00091 
00092 #endif
Generated on Sun May 14 14:51:15 2006 by  doxygen 1.4.2