$net_belong = $net_name_aux; $group_belong = $net['group']; } $threshold_a = $rs->fields['threshold_a'] ? $rs->fields['threshold_a'] : $net_threshold_a; $threshold_c = $rs->fields['threshold_c'] ? $rs->fields['threshold_c'] : $net_threshold_c; } // No perms over the host (by sensor filter) /* Patch: already filtered if (!Session::hostAllowed($conn,$ip)) { $rs->MoveNext(); continue; } */ // get host & global metrics $current_a = get_current_metric($host_qualification_cache, $net_qualification_cache, $ip, 'host', 'attack'); $current_c = get_current_metric($host_qualification_cache, $net_qualification_cache, $ip, 'host', 'compromise'); $global_a += $current_a; $global_c += $current_c; // only show hosts over their threshold $max_a_level = round($rs->fields['max_a'] / $threshold_a); $current_a_level = round($current_a / $threshold_a); $max_c_level = round($rs->fields['max_c'] / $threshold_c); $current_c_level = round($current_c / $threshold_c); //* comment out this if you want to see all hosts if ($max_a_level <= 1 && $current_a_level <= 1 && $max_c_level <= 1 && $current_c_level <= 1) { $rs->MoveNext(); continue; } //*/ $name = Host::ip2hostname($conn, $ip); // $name = $rs->fields['hostname'] ? $rs->fields['hostname'] : $ip;
$hosts[$ip] = $data; if ($group_belong) { $groups[$group_belong]['nets'][$net_belong]['hosts'][$ip] = $data; } else { $networks[$net_belong]['hosts'][$ip] = $data; } //printr($data); } $rs->MoveNext(); } //////////////////////////////////////////////////////////////// // Global score //////////////////////////////////////////////////////////////// $global = get_score("global_{$user}", 'global'); $global['current_a'] = get_current_metric($host_qualification_cache, $net_qualification_cache, 'global', 'global', 'attack'); $global['current_c'] = get_current_metric($host_qualification_cache, $net_qualification_cache, 'global', 'global', 'compromise'); $global['threshold_a'] = $conf_threshold; $global['threshold_c'] = $conf_threshold; //////////////////////////////////////////////////////////////// // Permissions & Ordering //////////////////////////////////////////////////////////////// foreach ($networks as $net => $net_data) { $net_perms = $net_data['has_perms']; if (!$net_perms) { unset($networks[$net]); } } // Groups $order_by_risk_type = 'compromise'; uasort($groups, 'order_by_risk'); foreach ($groups as $group => $group_data) {
$name = $rs->fields['hostname']; $threshold_a = $rs->fields['threshold_a'] ? $rs->fields['threshold_a'] : $net_threshold_a; $threshold_c = $rs->fields['threshold_c'] ? $rs->fields['threshold_c'] : $net_threshold_c; // get host & global metrics list($current_a, $current_c) = get_current_metric($host_qualification_cache, $net_qualification_cache, $net, 'host'); $global_a += $current_a; $global_c += $current_c; $data = array('name' => $name, 'threshold_a' => $threshold_a, 'threshold_c' => $threshold_c, 'max_c' => $rs->fields['max_c'], 'max_a' => $rs->fields['max_a'], 'max_c_date' => $rs->fields['max_c_date'], 'max_a_date' => $rs->fields['max_a_date'], 'current_a' => $current_a, 'current_c' => $current_c, 'network' => $net_belong, 'group' => $group_belong); $hosts[$id] = $data; $rs->MoveNext(); } //////////////////////////////////////////////////////////////// // Global score //////////////////////////////////////////////////////////////// $global = get_score("global_{$user}", 'global'); list($_current_a, $_current_c) = get_current_metric($host_qualification_cache, $net_qualification_cache, 'global', 'global'); $global['current_a'] = $_current_a; $global['current_c'] = $_current_c; $global['threshold_a'] = $conf_threshold; $global['threshold_c'] = $conf_threshold; //////////////////////////////////////////////////////////////// // Permissions & Ordering //////////////////////////////////////////////////////////////// foreach ($networks as $net => $net_data) { $net_perms = $net_data['has_perms']; if (!$net_perms) { unset($networks[$net]); } } // Groups $order_by_risk_type = 'compromise';
$host_where .= " AND host.id in ({$hosts})"; } $sql = "SELECT\n control_panel.id,\n control_panel.max_c,\n control_panel.max_a,\n control_panel.max_c_date,\n control_panel.max_a_date,\n host.threshold_a,\n host.threshold_c,\n host.hostname\n FROM\n control_panel\n LEFT JOIN host ON UNHEX(control_panel.id) = host.id\n WHERE\n control_panel.time_range = ? AND\n control_panel.rrd_type = 'host'{$host_where}"; $params = array($range); if (!($rs =& $conn->Execute($sql, $params))) { die($conn->ErrorMsg()); } $hosts = array(); $global_a = $global_c = 0; while (!$rs->EOF) { $id = $rs->fields['id']; $name = $rs->fields['hostname']; $threshold_a = $rs->fields['threshold_a'] ? $rs->fields['threshold_a'] : $net_threshold_a; $threshold_c = $rs->fields['threshold_c'] ? $rs->fields['threshold_c'] : $net_threshold_c; // get host & global metrics list($current_a, $current_c) = get_current_metric($host_qualification_cache, $net_qualification_cache, $net, 'host'); $global_a += $current_a; $global_c += $current_c; $data = array('name' => $name, 'threshold_a' => $threshold_a, 'threshold_c' => $threshold_c, 'max_c' => $rs->fields['max_c'], 'max_a' => $rs->fields['max_a'], 'max_c_date' => $rs->fields['max_c_date'], 'max_a_date' => $rs->fields['max_a_date'], 'current_a' => $current_a, 'current_c' => $current_c, 'network' => $net_belong, 'group' => $group_belong); $hosts[$id] = $data; $rs->MoveNext(); } ?> <table width="100%" class="transparent"> <tr> <th colspan="3"><?php echo _("Network"); ?> </th> <th><?php echo _("Max Date");