<?php
$sql = "SELECT * FROM system WHERE ";
$sql .= "system_timestamp < '" . adjustdate(0, 0, -$days_systems_not_audited) . "000000'";
$query_array = array("headline" => __("Delete Systems Not Audited in the last ") . $days_systems_not_audited . __(" days"), "sql" => $sql, "sort" => "system_name", "dir" => "ASC", "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%system_uuid", "view" => "summary")), "fields" => array("05" => array("name" => "system_uuid", "head" => __("UUID"), "show" => "n"), "10" => array("name" => "delete", "head" => __("Delete"), "show" => "y", "link" => "y", "sort" => "n", "search" => "n", "get" => array("file" => "delete_missed_audit.php", "title" => __("Delete System"), "onClick" => "return confirm('" . __("Do you really want to DELETE this item?") . "');", "var" => array("pc" => "%system_uuid"))), "20" => array("name" => "net_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "system_name", "head" => __("Hostname"), "show" => "y", "link" => "y"), "40" => array("name" => "system_os_name", "head" => __("OS"), "show" => $show_os), "50" => array("name" => "system_timestamp", "head" => __("Date Audited"), "show" => $show_date_audited), "60" => array("name" => "system_system_type", "head" => __("System Type"), "show" => $show_type, "align" => "center"), "70" => array("name" => "system_description", "head" => __("Description"), "show" => $show_description), "80" => array("name" => "net_domain", "head" => __("Domain"), "show" => $show_domain), "90" => array("name" => "system_service_pack", "head" => __("Servicepack"), "show" => $show_service_pack)));
echo "<td>" . $myrow["partition_caption"] . " </td>\n";
echo "<td>" . $myrow["partition_volume_name"] . " </td>\n";
echo "</tr>\n";
} while ($myrow = mysql_fetch_array($result));
echo "</table>";
echo "</div>";
echo "<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" class=\"content\">\n";
echo "<tr><td colspan=\"3\"><b>Total Partitions: " . $count . "</b></td></tr>\n";
echo "</table>";
echo "</div>";
} else {
}
} else {
}
if ($show_software_detected == "y") {
$SQL = "select sys.net_ip_address,sys.system_name,svr.software_name, svr.software_mac, svr.software_detect_date from software svr, system sys where software_detect_date >= '" . adjustdate(0, 0, -$days_software_detected) . "' AND svr.software_no_detect_date = '1111-11-11' and svr.software_mac = sys.net_mac_address AND sys.date_first_audited < '" . adjustdate(0, 0, -$days_software_detected) . "' AND sys.audit_type = 'Online' AND svr.software_name NOT LIKE '%Hotfix%' AND svr.software_name NOT LIKE '%Update%' ORDER BY sys.system_name, svr.software_name";
$result = mysql_query($SQL, $db);
if ($myrow = mysql_fetch_array($result)) {
echo "<div class=\"main_each\">\n";
$count = 0;
$bgcolor = "#FFFFFF";
echo "<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" class=\"content\">\n";
echo "<tr>\n";
echo " <td class=\"contenthead\"><a href=\"javascript://\" onclick=\"switchUl('f4');\">Software detected in the last " . $days_software_detected . " days.</a></td>\n";
echo " <td align=\"right\"><a href=\"javascript://\" onclick=\"switchUl('f4');\"><img src=\"" . $but_all . "\" width=\"16\" height=\"16\" border=\"0\" /></a></td>\n";
echo "</tr>\n";
echo "</table>";
echo "<div style=\"display:none;\" id=\"f4\">";
echo "<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" class=\"content\">\n";
echo "<tr>\n";
echo "<td width=\"120\"><b>IP Address</b></td>\n";
$sitename = "New Other Items Detected in the Last " . $other_detected . " Day(s)";
$sitedescription = "New Other Items detected by Open Audit.";
//New Translatation-System
if ($language == "") {
$GLOBALS["language"] = "en";
}
$language_file = "./lang/" . $GLOBALS["language"] . ".inc";
if (is_file($language_file)) {
include $language_file;
} else {
die("Language-File not found: " . $language_file);
}
$db = mysql_connect($mysql_server, $mysql_user, $mysql_password) or die('Could not connect: ' . mysql_error());
mysql_select_db($mysql_database, $db);
$sql = "SELECT * FROM other WHERE (other_ip_address <> '' AND ";
$sql .= "other_first_timestamp > '" . adjustdate(0, 0, -$other_detected) . "000000') ORDER BY other_ip_address";
$result = mysql_query($sql, $db);
$bgcolor = "#FFFFFF";
echo '<rss version="2.0">' . "\n";
echo '<channel>' . "\n";
echo '<image>' . "\n";
echo '<url>' . $sitename . 'favicon.ico</url>' . "\n";
echo '</image>' . "\n";
echo '<title>' . $sitename . '</title>' . "\n";
echo '<link>' . $sitebaseurl . '</link>' . "\n";
echo '<description>' . $sitedescription . '</description>' . "\n";
if ($myrow = mysql_fetch_array($result)) {
// system.php?other=&view=other_system&
do {
echo '<item>' . "\n";
echo "<guid isPermaLink=\"false\">openauditnewsys-" . $myrow["other_ip_address"] . "</guid>\n";
$sitename = "New Systems Detected in the Last " . $system_detected . " Day(s)";
$sitedescription = "New systems detected by Open Audit.";
//New Translatation-System
if ($language == "") {
$GLOBALS["language"] = "en";
}
$language_file = "./lang/" . $GLOBALS["language"] . ".inc";
if (is_file($language_file)) {
include $language_file;
} else {
die("Language-File not found: " . $language_file);
}
$db = mysql_connect($mysql_server, $mysql_user, $mysql_password) or die('Could not connect: ' . mysql_error());
mysql_select_db($mysql_database, $db);
$sql = "SELECT system_name, net_ip_address, system_uuid, system_first_timestamp FROM system ";
$sql .= "WHERE system_first_timestamp > '" . adjustdate(0, 0, -$system_detected) . "000000' ORDER BY system_name";
$result = mysql_query($sql, $db);
$bgcolor = "#FFFFFF";
echo '<rss version="2.0">' . "\n";
echo '<channel>' . "\n";
echo '<image>' . "\n";
echo '<url>' . $sitename . 'favicon.ico</url>' . "\n";
echo '</image>' . "\n";
echo '<title>' . $sitename . '</title>' . "\n";
echo '<link>' . $sitebaseurl . '</link>' . "\n";
echo '<description>' . $sitedescription . '</description>' . "\n";
if ($myrow = mysql_fetch_array($result)) {
do {
echo '<item>' . "\n";
echo "<guid isPermaLink=\"false\">openauditnewsys-" . $myrow["system_uuid"] . "</guid>\n";
echo '<title>' . $myrow["system_name"] . '</title>' . "\n";
echo "<td>" . $myrow["partition_caption"] . " </td>\n";
echo "<td>" . $myrow["partition_volume_name"] . " </td>\n";
echo "</tr>\n";
} while ($myrow = mysql_fetch_array($result));
echo "</table>";
echo "</div>";
echo "<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" class=\"content\">\n";
echo "<tr><td colspan=\"3\"><b>Total Partitions: " . $count . "</b></td></tr>\n";
echo "</table>";
echo "</div>";
} else {
}
} else {
}
if ($show_software_detected == "y") {
$SQL = "SELECT sw.software_name, sw.software_first_timestamp, sys.system_name, sys.system_uuid, sys.net_ip_address FROM software sw, system sys WHERE software_first_timestamp >= '" . adjustdate(0, 0, -$days_software_detected) . "000000' AND sys.system_first_timestamp < '" . adjustdate(0, 0, -$days_software_detected) . "000000' AND software_name NOT LIKE '%Hotfix%' AND software_name NOT LIKE '%Update%' AND sw.software_uuid = sys.system_uuid";
$result = mysql_query($SQL, $db);
if ($myrow = mysql_fetch_array($result)) {
echo "<div class=\"main_each\">\n";
$count = 0;
$bgcolor = "#FFFFFF";
echo "<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" class=\"content\">\n";
echo "<tr>\n";
echo " <td class=\"contenthead\"><a href=\"javascript://\" onclick=\"switchUl('f4');\">Software detected in the last " . $days_software_detected . " days.</a></td>\n";
echo " <td align=\"right\"><a href=\"javascript://\" onclick=\"switchUl('f4');\"><img src=\"" . $but_all . "\" width=\"16\" height=\"16\" border=\"0\" /></a></td>\n";
echo "</tr>\n";
echo "</table>";
echo "<div style=\"display:none;\" id=\"f4\">";
echo "<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" class=\"content\">\n";
echo "<tr>\n";
echo " <td width=\"120\"><b>IP Address</b></td>\n";
$sitebaseurl = $site_protocol . $_SERVER["SERVER_NAME"] . dirname($_SERVER["SCRIPT_NAME"]) . "/";
$sitename = "LDAP Directory changes in the last " . $ldap_changes_days . " Day(s)";
$sitedescription = "LDAP Directory changes detected by Open Audit.";
//New Translatation-System
if ($language == "") {
$GLOBALS["language"] = "en";
}
$language_file = "./lang/" . $GLOBALS["language"] . ".inc";
if (is_file($language_file)) {
include $language_file;
} else {
die("Language-File not found: " . $language_file);
}
$db = mysql_connect($mysql_server, $mysql_user, $mysql_password) or die('Could not connect: ' . mysql_error());
mysql_select_db($mysql_database, $db);
$sql = "\r\nSELECT * FROM (\r\n\r\n(SELECT ldap_connections_name, ldap_users_cn as cn, ldap_users_dn as dn, 'deleted' as img, 'User' as objtype\r\nFROM ldap_users\r\nLEFT JOIN ldap_paths ON ldap_users.ldap_users_path_id=ldap_paths.ldap_paths_id\r\nLEFT JOIN ldap_connections ON ldap_paths.ldap_paths_connection_id=ldap_connections.ldap_connections_id\r\nWHERE ldap_users_timestamp<>ldap_paths_timestamp\r\nAND ldap_users_timestamp>'" . adjustdate(0, 0, -$ldap_changes_days) . "000000')\r\n\r\nUNION\r\n\r\n(SELECT ldap_connections_name, ldap_users_cn as cn, ldap_users_dn as dn, 'active' as img, 'User' as objtype\r\nFROM ldap_users\r\nLEFT JOIN ldap_paths ON ldap_users.ldap_users_path_id=ldap_paths.ldap_paths_id\r\nLEFT JOIN ldap_connections ON ldap_paths.ldap_paths_connection_id=ldap_connections.ldap_connections_id\r\nWHERE ldap_users_timestamp=ldap_paths_timestamp\r\nAND ldap_users_first_timestamp>'" . adjustdate(0, 0, -$ldap_changes_days) . "000000')\r\n\r\nUNION\r\n\r\n(SELECT ldap_connections_name, ldap_computers_cn as cn, ldap_computers_dn as dn, 'deleted' as img, 'Computer' as objtype\r\nFROM ldap_computers\r\nLEFT JOIN ldap_paths ON ldap_computers.ldap_computers_path_id=ldap_paths.ldap_paths_id\r\nLEFT JOIN ldap_connections ON ldap_paths.ldap_paths_connection_id=ldap_connections.ldap_connections_id\r\nWHERE ldap_computers_timestamp<>ldap_paths_timestamp\r\nAND ldap_computers_timestamp>'" . adjustdate(0, 0, -$ldap_changes_days) . "000000')\r\n\r\nUNION\r\n\r\n(SELECT ldap_connections_name, ldap_computers_cn as cn, ldap_computers_dn as dn, 'active' as img, 'Computer' as objtype\r\nFROM ldap_computers\r\nLEFT JOIN ldap_paths ON ldap_computers.ldap_computers_path_id=ldap_paths.ldap_paths_id\r\nLEFT JOIN ldap_connections ON ldap_paths.ldap_paths_connection_id=ldap_connections.ldap_connections_id\r\nWHERE ldap_computers_timestamp=ldap_paths_timestamp\r\nAND ldap_computers_first_timestamp>'" . adjustdate(0, 0, -$ldap_changes_days) . "000000')\r\n\r\n) AS U ORDER BY ldap_connections_name, cn";
$result = mysql_query($sql, $db);
echo '<rss version="2.0" xmlns:content="http://purl.org/rss/1.0/modules/content/">' . "\n";
echo '<channel>' . "\n";
echo '<image>' . "\n";
echo '<url>' . $sitename . 'favicon.ico</url>' . "\n";
echo '</image>' . "\n";
echo '<title>' . $sitename . '</title>' . "\n";
echo '<link>' . $sitebaseurl . '</link>' . "\n";
echo '<description>' . $sitedescription . '</description>' . "\n";
// Loop through results
if ($myrow = mysql_fetch_array($result)) {
do {
echo '<item>' . "\n";
echo '<guid isPermaLink="false">openaudit-' . htmlentities($myrow["cn"]) . "</guid>\n";
$status = $myrow["img"] == 'active' ? "Added" : "Deleted";
<?php
$query_array = array("10" => array("headline" => __("Other Items Discovered in the last") . " {$other_detected} " . __("Days"), "td_width" => array("130"), "views" => array("10" => array("sql" => "\r\n SELECT other_id, other_ip_address, other_network_name, other_type, other_description\r\n FROM other\r\n WHERE (other_mac_address <> '' AND other_first_timestamp > '" . adjustdate(0, 0, -$other_detected) . "') ", "sort" => "other_ip_address", "show" => $show_other_discovered, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("other" => "%other_id", "view" => "other_system")), "fields" => array("10" => array("name" => "other_id", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "other_ip_address", "head" => __("IP"), "link" => "y"), "30" => array("name" => "other_network_name", "head" => __("Hostname"), "link" => "y"), "40" => array("name" => "other_type", "head" => __("Type")), "50" => array("name" => "other_description", "head" => __("Description")))))), "20" => array("headline" => __("Systems Discovered in the last") . " {$system_detected} " . __("Days"), "td_width" => array("130"), "views" => array("10" => array("sql" => "\r\n SELECT system_uuid, net_ip_address, system_name, system_os_name, system_timestamp, system_system_type, system_description, net_domain, system_service_pack\r\n FROM system\r\n WHERE system_first_timestamp > '" . adjustdate(0, 0, -$system_detected) . "000000' ", "sort" => "system_name", "show" => $show_system_discovered, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%system_uuid", "view" => "summary")), "fields" => array("10" => array("name" => "system_uuid", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "net_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "system_name", "head" => __("Hostname"), "show" => "y", "link" => "y"), "40" => array("name" => "system_os_name", "head" => __("OS"), "show" => $show_os), "50" => array("name" => "system_timestamp", "head" => __("Date Audited"), "show" => $show_date_audited), "60" => array("name" => "system_system_type", "head" => __("System Type"), "show" => $show_type, "align" => "center"), "70" => array("name" => "system_description", "head" => __("Description"), "show" => $show_description), "80" => array("name" => "net_domain", "head" => __("Domain"), "show" => $show_domain), "90" => array("name" => "system_service_pack", "head" => __("Servicepack"), "show" => $show_service_pack))))), "30" => array("headline" => __("Systems Not Audited in the last") . " {$days_systems_not_audited} " . __("Days"), "td_width" => array("130"), "views" => array("10" => array("sql" => "\r\n SELECT system_uuid, net_ip_address, system_name, system_os_name, system_timestamp, system_system_type, system_description, net_domain, system_service_pack\r\n FROM system\r\n WHERE system_timestamp < '" . adjustdate(0, 0, -$days_systems_not_audited) . "000000' ", "sort" => "system_name", "show" => $show_systems_not_audited, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%system_uuid", "view" => "summary")), "fields" => array("10" => array("name" => "system_uuid", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "net_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "system_name", "head" => __("Hostname"), "show" => "y", "link" => "y"), "40" => array("name" => "system_os_name", "head" => __("OS"), "show" => $show_os), "50" => array("name" => "system_timestamp", "head" => __("Date Audited"), "show" => $show_date_audited), "60" => array("name" => "system_system_type", "head" => __("System Type"), "show" => $show_type, "align" => "center"), "70" => array("name" => "system_description", "head" => __("Description"), "show" => $show_description), "80" => array("name" => "net_domain", "head" => __("Domain"), "show" => $show_domain), "90" => array("name" => "system_service_pack", "head" => __("Servicepack"), "show" => $show_service_pack))))), "40" => array("headline" => __("Partition free space less than") . " " . $partition_free_space . " " . __("MB"), "td_width" => array("130"), "views" => array("10" => array("sql" => "\r\n SELECT system_uuid, system_name, net_ip_address, partition_uuid, partition_volume_name,\r\n partition_caption, partition_free_space, partition_size, partition_timestamp\r\n FROM system sys, partition par\r\n WHERE partition_free_space < '{$partition_free_space}'\r\n AND system_uuid = partition_uuid AND partition_timestamp = system_timestamp\r\n ", "sort" => "partition_free_space", "show" => $show_partition_usage, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%system_uuid", "view" => "summary")), "fields" => array("10" => array("name" => "system_uuid", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "net_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "system_name", "head" => __("Hostname"), "show" => "y", "link" => "y"), "40" => array("name" => "partition_free_space", "head" => __("Free Space"), "show" => "y", "link" => "n"), "50" => array("name" => "partition_size", "head" => __("Size"), "show" => "y", "link" => "n"), "60" => array("name" => "partition_caption", "head" => __("Drive Letter"), "show" => "y", "link" => "n", "align" => "center"), "70" => array("name" => "partition_volume_name", "head" => __("Description"), "show" => "y", "link" => "n"))))), "50" => array("headline" => __("Software detected in the last") . " " . $days_software_detected . " " . __("Days"), "td_width" => array("130"), "views" => array("10" => array("sql" => "\r\n SELECT software_name, software_first_timestamp, system_name, system_uuid, net_ip_address\r\n FROM software sw, system sys\r\n WHERE software_first_timestamp >= '" . adjustdate(0, 0, -$days_software_detected) . "000000'\r\n AND system_first_timestamp < '" . adjustdate(0, 0, -$days_software_detected) . "000000'\r\n AND software_name NOT LIKE '%Hotfix%' AND software_name NOT LIKE '%Update%' AND\r\n software_uuid = system_uuid\r\n ", "sort" => "software_name", "show" => $show_software_detected, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%system_uuid", "view" => "summary")), "fields" => array("10" => array("name" => "system_uuid", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "net_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "system_name", "head" => __("Hostname"), "show" => "y", "link" => "y"), "40" => array("name" => "software_first_timestamp", "head" => __("Date Audited"), "show" => "y", "link" => "n"), "50" => array("name" => "software_name", "head" => __("Name"), "show" => "y", "link" => "y", "get" => array("file" => "list.php", "title" => __("Systems installed this Software"), "var" => array("name" => "%software_name", "view" => "systems_for_software", "headline_addition" => "%software_name"))))))), "60" => array("headline" => __("WEB Servers"), "td_width" => array("130"), "views" => array("10" => array("headline" => __("On audited Hosts by Windowsservice"), "sql" => "\r\n SELECT system_uuid, service_uuid, service_display_name, service_started, system_name, net_ip_address\r\n FROM service, system\r\n WHERE (service_display_name LIKE 'IIS Admin%' OR service_display_name LIKE 'Apache%') AND\r\n service_uuid = system_uuid AND\r\n service_timestamp = system_timestamp\r\n ", "sort" => "system_name", "show" => $show_software_detected, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%system_uuid", "view" => "summary")), "fields" => array("10" => array("name" => "system_uuid", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "net_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "system_name", "head" => __("Hostname"), "show" => "y", "link" => "y"), "40" => array("name" => "service_display_name", "head" => __("Service"), "show" => "y", "link" => "n"), "50" => array("name" => "service_started", "head" => __("Running"), "show" => "y", "link" => "n"))), "20" => array("headline" => __("On audited Hosts by Portscan"), "sql" => "\r\n SELECT net_ip_address, system_name, system_uuid\r\n FROM system, nmap_ports\r\n WHERE nmap_port_number = '80' AND nmap_other_id = system_uuid\r\n ", "sort" => "system_name", "show" => $show_software_detected, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%system_uuid", "view" => "summary")), "fields" => array("10" => array("name" => "system_uuid", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "net_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "system_name", "head" => __("Hostname"), "show" => "y", "link" => "y"))), "30" => array("headline" => __("On other Hosts by Portscan"), "sql" => "\r\n SELECT other_id, other_ip_address, other_network_name, other_mac_address\r\n FROM other, nmap_ports\r\n WHERE nmap_port_number = '80' AND\r\n (nmap_other_id = other_mac_address OR nmap_other_id = other_id)\r\n ", "sort" => "other_network_name", "show" => $show_software_detected, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("other" => "%other_id", "view" => "other_system")), "fields" => array("10" => array("name" => "other_id", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "other_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "other_network_name", "head" => __("Hostname"), "show" => "y", "link" => "y"))))), "70" => array("headline" => __("FTP Servers"), "td_width" => array("130"), "views" => array("10" => array("headline" => __("On audited Hosts by Windowsservice"), "sql" => "\r\n SELECT service_uuid, service_display_name, service_started, system_name, net_ip_address\r\n FROM service, system\r\n WHERE service_display_name = 'FTP Publishing Service' AND\r\n service_uuid = system_uuid AND\r\n service_timestamp = system_timestamp\r\n ", "sort" => "system_name", "show" => $show_software_detected, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%system_uuid", "view" => "summary")), "fields" => array("10" => array("name" => "system_uuid", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "net_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "system_name", "head" => __("Hostname"), "show" => "y", "link" => "y"), "40" => array("name" => "service_display_name", "head" => __("Service"), "show" => "y", "link" => "n"), "50" => array("name" => "service_started", "head" => __("Running"), "show" => "y", "link" => "n"))), "20" => array("headline" => __("On audited Hosts by Portscan"), "sql" => "\r\n SELECT net_ip_address, system_name, system_uuid\r\n FROM system, nmap_ports\r\n WHERE nmap_port_number = '21' AND nmap_other_id = system_uuid\r\n ", "sort" => "system_name", "show" => $show_software_detected, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%system_uuid", "view" => "summary")), "fields" => array("10" => array("name" => "system_uuid", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "net_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "system_name", "head" => __("Hostname"), "show" => "y", "link" => "y"))), "30" => array("headline" => __("On other Hosts by Portscan"), "sql" => "\r\n SELECT other_id, other_ip_address, other_network_name, other_mac_address\r\n FROM other, nmap_ports\r\n WHERE nmap_port_number = '21' AND\r\n (nmap_other_id = other_mac_address OR nmap_other_id = other_id)\r\n ", "sort" => "other_network_name", "show" => $show_software_detected, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("other" => "%other_id", "view" => "other_system")), "fields" => array("10" => array("name" => "other_id", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "other_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "other_network_name", "head" => __("Hostname"), "show" => "y", "link" => "y"))))), "80" => array("headline" => __("Telnet Servers"), "td_width" => array("130"), "views" => array("10" => array("headline" => __("On audited Hosts by Windowsservice"), "sql" => "\r\n SELECT system_uuid,service_uuid, service_display_name, service_started, system_name, net_ip_address\r\n FROM service, system\r\n WHERE service_display_name = 'Telnet' AND\r\n service_uuid = system_uuid AND\r\n service_timestamp = system_timestamp\r\n ", "sort" => "system_name", "show" => $show_software_detected, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%system_uuid", "view" => "summary")), "fields" => array("10" => array("name" => "system_uuid", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "net_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "system_name", "head" => __("Hostname"), "show" => "y", "link" => "y"), "40" => array("name" => "service_display_name", "head" => __("Service"), "show" => "y", "link" => "n"), "50" => array("name" => "service_started", "head" => __("Running"), "show" => "y", "link" => "n"))), "20" => array("headline" => __("On audited Hosts by Portscan"), "sql" => "\r\n SELECT net_ip_address, system_name, system_uuid\r\n FROM system, nmap_ports\r\n WHERE nmap_port_number = '23' AND nmap_other_id = system_uuid\r\n ", "sort" => "system_name", "show" => $show_software_detected, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%system_uuid", "view" => "summary")), "fields" => array("10" => array("name" => "system_uuid", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "net_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "system_name", "head" => __("Hostname"), "show" => "y", "link" => "y"))), "30" => array("headline" => __("On other Hosts by Portscan"), "sql" => "\r\n SELECT other_id, other_ip_address, other_network_name, other_mac_address\r\n FROM other, nmap_ports\r\n WHERE nmap_port_number = '23' AND\r\n (nmap_other_id = other_mac_address OR nmap_other_id = other_id)\r\n ", "sort" => "other_network_name", "show" => $show_software_detected, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%other_id", "view" => "other_system")), "fields" => array("10" => array("name" => "other_id", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "other_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "other_network_name", "head" => __("Hostname"), "show" => "y", "link" => "y"))))), "90" => array("headline" => __("Email Servers"), "td_width" => array("130"), "views" => array("10" => array("headline" => __("On audited Hosts by Windowsservice"), "sql" => "\r\n SELECT system_uuid, service_uuid, service_display_name, service_started, system_name, net_ip_address FROM service, system WHERE\r\n (service_display_name = 'Microsoft Exchange Information Store' OR\r\n service_display_name = 'Simple Mail Transport Protocol (SMTP)' OR\r\n service_display_name LIKE 'Lotus Domino%' OR\r\n service_display_name = 'Simple Mail Transfer Protocol (SMTP)')\r\n AND service_timestamp = system_timestamp AND service_uuid = system_uuid\r\n ", "sort" => "system_name", "show" => $show_software_detected, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%system_uuid", "view" => "summary")), "fields" => array("10" => array("name" => "system_uuid", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "net_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "system_name", "head" => __("Hostname"), "show" => "y", "link" => "y"), "40" => array("name" => "service_display_name", "head" => __("Service"), "show" => "y", "link" => "n"), "50" => array("name" => "service_started", "head" => __("Running"), "show" => "y", "link" => "n"))), "20" => array("headline" => __("On audited Hosts by Portscan"), "sql" => "\r\n SELECT net_ip_address, system_name, system_uuid\r\n FROM system, nmap_ports\r\n WHERE nmap_port_number = '25' AND nmap_other_id = system_uuid\r\n ", "sort" => "system_name", "show" => $show_software_detected, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%system_uuid", "view" => "summary")), "fields" => array("10" => array("name" => "system_uuid", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "net_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "system_name", "head" => __("Hostname"), "show" => "y", "link" => "y"))), "30" => array("headline" => __("On other Hosts by Portscan"), "sql" => "\r\n SELECT other_id, other_ip_address, other_network_name, other_mac_address\r\n FROM other, nmap_ports\r\n WHERE nmap_port_number = '25' AND\r\n (nmap_other_id = other_mac_address OR nmap_other_id = other_id)\r\n ", "sort" => "other_network_name", "show" => $show_software_detected, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%other_id", "view" => "other_system")), "fields" => array("10" => array("name" => "other_id", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "other_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "other_network_name", "head" => __("Hostname"), "show" => "y", "link" => "y"))))), "100" => array("headline" => __("Active VNC Servers"), "td_width" => array("130"), "views" => array("10" => array("headline" => __("On audited Hosts by Windowsservice"), "sql" => "\r\n SELECT system_uuid, service_uuid, service_display_name, service_started, system_name, net_ip_address FROM service, system\r\n WHERE\r\n service_display_name LIKE '%VNC%' AND\r\n service_timestamp = system_timestamp AND service_uuid = system_uuid\r\n ", "sort" => "system_name", "show" => $show_software_detected, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%system_uuid", "view" => "summary")), "fields" => array("10" => array("name" => "system_uuid", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "net_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "system_name", "head" => __("Hostname"), "show" => "y", "link" => "y"), "40" => array("name" => "service_display_name", "head" => __("Service"), "show" => "y", "link" => "n"), "50" => array("name" => "service_started", "head" => __("Running"), "show" => "y", "link" => "n"))), "20" => array("headline" => __("On audited Hosts by Portscan"), "sql" => "\r\n SELECT net_ip_address, system_name, system_uuid\r\n FROM system, nmap_ports\r\n WHERE nmap_port_number = '5900' AND nmap_other_id = system_uuid\r\n ", "sort" => "system_name", "show" => $show_software_detected, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%system_uuid", "view" => "summary")), "fields" => array("10" => array("name" => "system_uuid", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "net_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "system_name", "head" => __("Hostname"), "show" => "y", "link" => "y"))), "30" => array("headline" => __("On other Hosts by Portscan"), "sql" => "\r\n SELECT other_id, other_ip_address, other_network_name, other_mac_address\r\n FROM other, nmap_ports\r\n WHERE nmap_port_number = '5900' AND\r\n (nmap_other_id = other_mac_address OR nmap_other_id = other_id)\r\n ", "sort" => "other_network_name", "show" => $show_software_detected, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%other_id", "view" => "other_system")), "fields" => array("10" => array("name" => "other_id", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "other_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "other_network_name", "head" => __("Hostname"), "show" => "y", "link" => "y"))))), "110" => array("headline" => __("Active RDP or Terminal Servers"), "td_width" => array("130"), "views" => array("10" => array("headline" => __("On audited Hosts by Windowsservice"), "sql" => "\r\n SELECT system_uuid, service_uuid, service_display_name, service_started, system_name, net_ip_address\r\n FROM service, system\r\n WHERE\r\n service_display_name LIKE '%Terminal%' AND\r\n service_timestamp = system_timestamp AND service_uuid = system_uuid\r\n ", "sort" => "system_name", "show" => $show_software_detected, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%system_uuid", "view" => "summary")), "fields" => array("10" => array("name" => "system_uuid", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "net_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "system_name", "head" => __("Hostname"), "show" => "y", "link" => "y"), "40" => array("name" => "service_display_name", "head" => __("Service"), "show" => "y", "link" => "n"), "50" => array("name" => "service_started", "head" => __("Running"), "show" => "y", "link" => "n"))), "20" => array("headline" => __("On audited Hosts by Portscan"), "sql" => "\r\n SELECT net_ip_address, system_name, system_uuid\r\n FROM system, nmap_ports\r\n WHERE nmap_port_number = '3389' AND nmap_other_id = system_uuid\r\n ", "sort" => "system_name", "show" => $show_software_detected, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%system_uuid", "view" => "summary")), "fields" => array("10" => array("name" => "system_uuid", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "net_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "system_name", "head" => __("Hostname"), "show" => "y", "link" => "y"))), "30" => array("headline" => __("On other Hosts by Portscan"), "sql" => "\r\n SELECT other_id, other_ip_address, other_network_name, other_mac_address\r\n FROM other, nmap_ports\r\n WHERE nmap_port_number = '3389' AND\r\n (nmap_other_id = other_mac_address OR nmap_other_id = other_id)\r\n ", "sort" => "other_network_name", "show" => $show_software_detected, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%other_id", "view" => "other_system")), "fields" => array("10" => array("name" => "other_id", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "other_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "other_network_name", "head" => __("Hostname"), "show" => "y", "link" => "y"))))), "120" => array("headline" => __("XP SP2 without up to date AntiVirus"), "td_width" => array("130"), "views" => array("10" => array("sql" => "\r\n SELECT system_name, net_ip_address, system_uuid, virus_name, virus_uptodate\r\n FROM system\r\n WHERE (virus_name = '' OR virus_uptodate = 'False') AND system_service_pack = '2.0' AND system_os_name LIKE 'Microsoft Windows XP%'\r\n ", "sort" => "system_name", "show" => $show_system_discovered, "get" => array("file" => "system.php", "title" => __("Go to System"), "var" => array("pc" => "%system_uuid", "view" => "summary")), "fields" => array("10" => array("name" => "system_uuid", "head" => __("UUID"), "show" => "n"), "20" => array("name" => "net_ip_address", "head" => __("IP"), "show" => "y", "link" => "y"), "30" => array("name" => "system_name", "head" => __("Hostname"), "show" => "y", "link" => "y"), "40" => array("name" => "virus_name", "head" => __("AntiVirus Program")), "50" => array("name" => "virus_uptodate", "head" => __("AntiVirus Up To Date")))))));
$sitedescription = "Software changes detected by Open Audit.";
//New Translatation-System
if ($language == "") {
$GLOBALS["language"] = "en";
}
$language_file = "./lang/" . $GLOBALS["language"] . ".inc";
if (is_file($language_file)) {
include $language_file;
} else {
die("Language-File not found: " . $language_file);
}
$db = mysql_connect($mysql_server, $mysql_user, $mysql_password) or die('Could not connect: ' . mysql_error());
mysql_select_db($mysql_database, $db);
$sql = "SELECT sw.software_id, sw.software_name, sw.software_first_timestamp, sys.system_name, sys.system_uuid, sys.net_ip_address, sys.net_user_name FROM software sw, system sys ";
$sql .= "WHERE sw.software_first_timestamp >= '" . adjustdate(0, 0, -$days_software_detected) . "000000' ";
$sql .= "AND sys.system_first_timestamp < '" . adjustdate(0, 0, -$days_software_detected) . "000000' ";
$sql .= "AND sw.software_name NOT LIKE '%Hotfix%' AND sw.software_name NOT LIKE '%Service Pack%' AND sw.software_name NOT REGEXP '[KB|Q][0-9]{6,}' ";
$sql .= "AND sw.software_timestamp = sys.system_timestamp ";
$sql .= "AND sw.software_uuid = sys.system_uuid ";
$result = mysql_query($sql, $db);
$bgcolor = "#FFFFFF";
echo '<rss version="2.0">' . "\n";
echo '<channel>' . "\n";
echo '<image>' . "\n";
echo '<url>' . $sitename . 'favicon.ico</url>' . "\n";
echo '</image>' . "\n";
echo '<title>' . $sitename . '</title>' . "\n";
echo '<link>' . $sitebaseurl . '</link>' . "\n";
echo '<description>' . $sitedescription . '</description>' . "\n";
if ($myrow = mysql_fetch_array($result)) {
do {
function GetDetectedSoftwareData($id)
{
global $db, $days_software_detected;
$tr_class = 'npb_highlight_row';
$sql = "SELECT sw.software_name, sw.software_first_timestamp, sys.system_name, sys.system_uuid, sys.net_ip_address ";
$sql .= "FROM software sw, system sys ";
$sql .= "WHERE sw.software_first_timestamp >= '" . adjustdate(0, 0, -$days_software_detected) . "000000' ";
$sql .= "AND sys.system_first_timestamp < '" . adjustdate(0, 0, -$days_software_detected) . "000000' ";
$sql .= "AND sw.software_name NOT LIKE '%Hotfix%' AND sw.software_name NOT LIKE '%Service Pack%' AND sw.software_name NOT REGEXP '[KB|Q][0-9]{6,}' ";
$sql .= "AND sw.software_timestamp = sys.system_timestamp ";
$sql .= "AND sw.software_uuid = sys.system_uuid ";
$sql .= "ORDER BY sw.software_name";
$result = mysql_query($sql, $db) or die(mysql_error());
$count = mysql_numrows($result);
echo "<div class='npb_content_data' id='" . $id . "' style='display: none;'>";
if ($myrow = mysql_fetch_array($result)) {
echo "<table>";
echo " <tr>";
echo "\t\t<th>" . __("IP Address") . "</td>";
echo " \t<th>" . __("Hostname") . "</td>";
echo " \t<th>" . __("Date Audited") . "</td>";
echo " \t<th>" . __("Software") . "</td>";
echo "</tr>";
do {
echo "<tr class='" . alternate_tr_class($tr_class) . "'>";
echo "\t<td>" . ip_trans($myrow["net_ip_address"]) . "</td>";
echo "\t<td><a href=\"system.php?pc=" . $myrow["system_uuid"] . "&view=summary\">" . $myrow["system_name"] . "</a></td>";
echo "\t<td>" . return_date($myrow["software_first_timestamp"]) . "</td>";
echo "\t<td>" . $myrow["software_name"] . "</td>";
echo "\t</tr>";
} while ($myrow = mysql_fetch_array($result));
}
echo "</table>";
echo "</div>";
echo "<p class='npb_section_summary'>" . __("Packages") . ": " . $count . "</p>";
return;
}
echo "<tr>\n";
echo " <td class=\"contenthead\"><a href=\"javascript://\" onclick=\"switchUl('f4');\">Software detected in the last " . $days_software_detected . " days.</a></td>\n";
echo " <td align=\"right\"><a href=\"javascript://\" onclick=\"switchUl('f4');\"><img src=\"" . $but_all . "\" width=\"16\" height=\"16\" border=\"0\" /></a></td>\n";
echo "</tr>\n";
echo "</table>";
echo "<div style=\"display:none;\" id=\"f4\">";
echo "<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\" width=\"100%\" class=\"content\">\n";
echo "<tr>\n";
echo "<td width=\"120\"><b>IP Address</b></td>\n";
echo "<td width=\"150\"><b>System Name</b></td>\n";
echo "<td width=\"100\"><b>Detected</b></td>\n";
echo "<td><b>Software Title</b></td>\n";
echo "</tr>\n";
do {
if ($myrow["MIN(system_timestamp)"] < adjustdate(0, 0, -$days_software_detected) . "000000") {
$sql2 = "SELECT software_uuid, software_first_timestamp, software_name FROM software WHERE software_uuid = '" . $myrow["system_uuid"] . "' AND software_first_timestamp >= '" . adjustdate(0, 0, -$days_software_detected) . "000000' AND software_name NOT LIKE '%Hotfix%' AND software_name NOT LIKE '%Update%'";
$result2 = mysql_query($sql2, $db);
if ($myrow2 = mysql_fetch_array($result2)) {
do {
$count = $count + 1;
if ($bgcolor == "#F1F1F1") {
$bgcolor = "#FFFFFF";
} else {
$bgcolor = "#F1F1F1";
}
echo "<tr bgcolor=\"" . $bgcolor . "\">\n";
echo "<td>" . ip_trans($myrow["net_ip_address"]) . "</td>\n";
echo "<td><a href=\"system_summary.php?pc=" . $myrow2["software_uuid"] . "\">" . $myrow["system_name"] . "</a></td>\n";
echo "<td>" . return_date($myrow2["software_first_timestamp"]) . "</td>\n";
echo "<td>" . $myrow2["software_name"] . "</td>\n";
echo "</tr>\n";
