#include <sys/types.h>#include <stdlib.h>#include <ctype.h>#include "generators.h"#include "log.h"#include "detect.h"#include "decode.h"#include "event.h"#include "plugbase.h"#include "parser.h"#include "debug.h"#include "mstring.h"#include "util.h"#include "event_queue.h"#include "inline.h"#include "snort.h"Go to the source code of this file.
Defines | |
| #define | BACKORIFICE_DEFAULT_KEY 31337 |
| #define | BACKORIFICE_MAGIC_SIZE 8 |
| #define | BACKORIFICE_MIN_SIZE 18 |
| #define | BACKORIFICE_DEFAULT_PORT 31337 |
| #define | BO_TYPE_PING 1 |
| #define | BO_FROM_UNKNOWN 0 |
| #define | BO_FROM_CLIENT 1 |
| #define | BO_FROM_SERVER 2 |
| #define | BO_BUF_SIZE 8 |
| #define | BO_BUF_ATTACK_SIZE 1024 |
| #define | START_LIST "{" |
| #define | END_LIST "}" |
| #define | CONF_SEPARATORS " \t\n\r" |
| #define | BO_ALERT_GENERAL 0x0001 |
| #define | BO_ALERT_CLIENT 0x0002 |
| #define | BO_ALERT_SERVER 0x0004 |
| #define | BO_ALERT_SNORT_ATTACK 0x0008 |
| #define | MODNAME "spp_bo" |
Functions | |
| void | BoInit (u_char *) |
| void | BoProcess (Packet *) |
| void | BoFind (Packet *, void *) |
| static int | BoGetDirection (Packet *p, char *pkt_data) |
| static void | PrecalcPrefix () |
| static char | BoRand () |
| static void | ProcessArgs (u_char *args) |
| static int | ProcessOptionList (void) |
| static void | PrintConfig (void) |
| void | SetupBo () |
Variables | |
| static long | holdrand = 1L |
| int | brute_force_enable = 1 |
| int | default_key |
| static u_int16_t | noalert_flags = 0 |
| static u_int16_t | drop_flags = 0 |
| u_int16_t | lookup1 [65536][3] |
| u_int16_t | lookup2 [65536] |
|
|
|
|
|
Definition at line 136 of file spp_bo.c. Referenced by BoGetDirection(). |
|
|
Definition at line 134 of file spp_bo.c. Referenced by BoFind(), and PrecalcPrefix(). |
|
|
Definition at line 135 of file spp_bo.c. Referenced by BoFind(), and BoGetDirection(). |
|
|
Definition at line 150 of file spp_bo.c. Referenced by BoFind(), PrintConfig(), and ProcessOptionList(). |
|
|
Definition at line 149 of file spp_bo.c. Referenced by BoFind(), PrintConfig(), and ProcessOptionList(). |
|
|
Definition at line 151 of file spp_bo.c. Referenced by BoFind(), PrintConfig(), and ProcessOptionList(). |
|
|
Definition at line 152 of file spp_bo.c. Referenced by BoGetDirection(), PrintConfig(), and ProcessOptionList(). |
|
|
Definition at line 143 of file spp_bo.c. Referenced by BoGetDirection(). |
|
|
Definition at line 142 of file spp_bo.c. Referenced by BoGetDirection(). |
|
|
Definition at line 139 of file spp_bo.c. Referenced by BoFind(), and BoGetDirection(). |
|
|
Definition at line 140 of file spp_bo.c. Referenced by BoFind(), and BoGetDirection(). |
|
|
Definition at line 138 of file spp_bo.c. Referenced by BoGetDirection(). |
|
|
Definition at line 137 of file spp_bo.c. Referenced by BoGetDirection(). |
|
|
|
|
|
Definition at line 147 of file spp_bo.c. Referenced by ProcessOptionList(), and ProcessPorts(). |
|
|
|
|
|
Definition at line 146 of file spp_bo.c. Referenced by ProcessOptionList(), and ProcessPorts(). |
|
||||||||||||
|
||||||||||||
|
Definition at line 651 of file spp_bo.c. References BACKORIFICE_DEFAULT_PORT, BACKORIFICE_MIN_SIZE, BO_ALERT_SNORT_ATTACK, BO_BUF_ATTACK_SIZE, BO_BUF_SIZE, BO_FROM_CLIENT, BO_FROM_SERVER, BO_FROM_UNKNOWN, BO_SNORT_BUFFER_ATTACK, BO_SNORT_BUFFER_ATTACK_STR, BO_TYPE_PING, BoRand(), char(), DEBUG_PLUGIN, DEBUG_WRAP, _Packet::dp, drop_flags, _Packet::dsize, GENERATOR_SPP_BO, InlineDrop(), InlineMode(), noalert_flags, _Packet::packet_flags, PKT_INLINE_DROP, SnortEventqAdd(), and _Packet::sp. Referenced by BoFind(). |
|
|
Definition at line 216 of file spp_bo.c. References AddFuncToPreprocList(), BoFind(), DEBUG_PLUGIN, DEBUG_WRAP, PrecalcPrefix(), and ProcessArgs(). Referenced by SetupBo(). |
|
|
|
|
|
Definition at line 407 of file spp_bo.c. References holdrand. Referenced by BoFind(), BoGetDirection(), and PrecalcPrefix(). |
|
|
Definition at line 419 of file spp_bo.c. References BACKORIFICE_MAGIC_SIZE, BoRand(), holdrand, lookup1, and lookup2. Referenced by BoInit(). |
|
|
Definition at line 365 of file spp_bo.c. References BO_ALERT_CLIENT, BO_ALERT_GENERAL, BO_ALERT_SERVER, BO_ALERT_SNORT_ATTACK, drop_flags, LogMessage(), and noalert_flags. Referenced by ProcessArgs(), and XLINK2STATE_ParseArgs(). |
|
|
Definition at line 255 of file spp_bo.c. References CONF_SEPARATORS, drop_flags, FatalError(), file_line, file_name, noalert_flags, NULL, PrintConfig(), ProcessOptionList(), and strcasecmp. Referenced by BoInit(). |
|
|
Definition at line 299 of file spp_bo.c. References BO_ALERT_CLIENT, BO_ALERT_GENERAL, BO_ALERT_SERVER, BO_ALERT_SNORT_ATTACK, CONF_SEPARATORS, END_LIST, FatalError(), file_line, file_name, NULL, START_LIST, and strcasecmp. Referenced by ProcessArgs(). |
|
|
Definition at line 196 of file spp_bo.c. References BoInit(), DEBUG_PLUGIN, DEBUG_WRAP, and RegisterPreprocessor(). Referenced by InitPreprocessors(). |
|
|
|
|
|
|
|
|
Definition at line 179 of file spp_bo.c. Referenced by BoFind(), BoGetDirection(), PrintConfig(), and ProcessArgs(). |
|
|
Definition at line 172 of file spp_bo.c. Referenced by BoFind(), BoRand(), and PrecalcPrefix(). |
|
|
Definition at line 182 of file spp_bo.c. Referenced by BoFind(), and PrecalcPrefix(). |
|
|
Definition at line 183 of file spp_bo.c. Referenced by BoFind(), and PrecalcPrefix(). |
|
|
Definition at line 178 of file spp_bo.c. Referenced by BoFind(), BoGetDirection(), PrintConfig(), and ProcessArgs(). |
1.4.2