} /* Print # of Occurances */ $tmp_iplookup = 'base_qry_main.php?num_result_rows=-1' . '&submit=' . gettext("Query+DB") . '&current_view=-1'; $tmp_iplookup2 = 'base_stat_alerts.php?num_result_rows=-1' . '&submit=' . gettext("Query+DB") . '&current_view=-1&sort_order=occur_d'; if ($addr_type == 1) { if ($no_ip) { $url_criteria = BuildSrcIPFormVars(NULL_IP); } else { $url_criteria = BuildSrcIPFormVars($currentIP); } } else { if ($addr_type == 2) { if ($no_ip) { $url_criteria = BuildDstIpFormVars(NULL_IP); } else { $url_criteria = BuildDstIPFormVars($currentIP); } } } qroPrintEntry($num_sensors); qroPrintEntry('<A HREF="' . $tmp_iplookup . $url_criteria . '">' . $num_events . '</A>'); qroPrintEntry('<A HREF="' . $tmp_iplookup2 . $url_criteria . '">' . $num_sig . '</A>'); qroPrintEntry($num_ip); if (file_exists("../kml/GoogleEarth.php")) { qroPrintEntry("<a href='' onclick='window.open(\"../kml/TourConfig.php?type={$addr_type_name}&ip={$currentIP}\",\"IP {$currentIP} " . ($addr_type == 2 ? _("sources") : _("destinations")) . " - Goggle Earth API\",\"width=1024,height=700,scrollbars=NO,toolbar=1\");return false'><img align='absmiddle' src='../pixmaps/google_earth_icon.png' border='0'></a> <a href='' onclick='window.open(\"../kml/IPGoogleMap.php?type={$addr_type_name}&ip={$currentIP}\",\"IP {$currentIP} " . ($addr_type == 2 ? _("sources") : _("destinations")) . " - Goggle Maps API\",\"width=1024,height=700,scrollbars=NO,toolbar=1\");return false'><img align='absmiddle' src='../pixmaps/google_maps_icon.png' border='0'></a>"); } qroPrintEntryFooter(); ++$i; // report_data $report_data[] = array($currentIP, $slnk, $num_sig, $num_ip, "", "", "", "", "", "", "", intval($_GET['addr_type']), $num_sensors, $num_events); }
$db->baseDBConnect($db_connect_method, $alert_dbname, $alert_host, $alert_port, $alert_user, $alert_password); // Include base_header.php PrintBASESubHeader($page_title, $page_title, $cs->GetBackLink(), 1); if ($event_cache_auto_update == 1) { UpdateAlertCache($db); } if (sizeof($sig) != 0 && strstr($sig[1], "spp_portscan")) { $sig[1] = ""; } /* Build new link for criteria-based sensor page * -- ALS <*****@*****.**> */ $tmp_sensor_lookup = 'base_stat_sensor.php?ip_addr_cnt=2&m_opt=analysis&sm_opt=security_events&h_opt=security_events' . BuildIPFormVars($ip); $tmp_srcdst_iplookup = 'base_qry_main.php?new=2&m_opt=analysis&sm_opt=security_events&h_opt=security_events' . '&num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1&ip_addr_cnt=2' . BuildIPFormVars($ip); $tmp_src_iplookup = 'base_qry_main.php?new=2&m_opt=analysis&sm_opt=security_events&h_opt=security_events' . '&num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1&ip_addr_cnt=1' . BuildSrcIPFormVars($ip); $tmp_dst_iplookup = 'base_qry_main.php?new=2&m_opt=analysis&sm_opt=security_events&h_opt=security_events' . '&num_result_rows=-1' . '&submit=' . gettext("Query DB") . '&current_view=-1&ip_addr_cnt=1' . BuildDstIPFormVars($ip); echo '<CENTER><BR>'; echo '<table border=0 cellpadding=0 cellspacing=0 class="table_list" style="width:90%">'; echo '<tr style="background-color:#F2F2F2;"><td align=\'right\' class="uppercase">'; printf("<FONT>" . gettext("all events with <b>%s/%s</b> as") . ":</FONT>", Util::htmlentities($ip), Util::htmlentities($netmask)); echo '</td>'; echo '<td align=\'left\' style=\'padding-left:15px;\'> <A target="main" class="flnk" HREF="' . $tmp_src_iplookup . '">' . gettext("Source") . '</A> | <A target="main" class="flnk" HREF="' . $tmp_dst_iplookup . '">' . gettext("Destination") . '</A> | <A target="main" class="flnk" HREF="' . $tmp_srcdst_iplookup . '">' . gettext("Source") . ' or ' . gettext("Destination") . '</A><BR></td></tr>'; echo '<tr><td align=\'right\' class="uppercase">'; echo gettext("show") . ':</td><td align=\'left\' style=\'padding-left:15px;\'> <A target="main" class="flnk" HREF="base_stat_alerts.php?ip_addr_cnt=2&m_opt=analysis&sm_opt=security_events&h_opt=security_events' . BuildIPFormVars($ip) . '">' . gettext("Unique Events") . '</A> <BR></td></tr>'; echo "<tr style=\"background-color:#F2F2F2;\"><td style=\"text-align:right;\" class='uppercase'>"; echo '<FONT>' . gettext("Registry lookup (whois) in") . ': </td><td align=\'left\' style=\'padding-left:15px;\'>';
/* Connect to the Alert database */ $db = NewBASEDBConnection($DBlib_path, $DBtype); $db->baseDBConnect($db_connect_method, $alert_dbname, $alert_host, $alert_port, $alert_user, $alert_password); if ($event_cache_auto_update == 1) { UpdateAlertCache($db); } if (sizeof($sig) != 0 && strstr($sig[1], "spp_portscan")) { $sig[1] = ""; } /* Build new link for criteria-based sensor page * -- ALS <*****@*****.**> */ $tmp_sensor_lookup = 'base_stat_sensor.php?ip_addr_cnt=2' . BuildIPFormVars($ip); $tmp_srcdst_iplookup = 'base_qry_main.php?new=2' . '&num_result_rows=-1' . '&submit=' . gettext("Query+DB") . '&current_view=-1&ip_addr_cnt=2' . BuildIPFormVars($ip); $tmp_src_iplookup = 'base_qry_main.php?new=2' . '&num_result_rows=-1' . '&submit=' . gettext("Query+DB") . '&current_view=-1&ip_addr_cnt=1' . BuildSrcIPFormVars($ip); $tmp_dst_iplookup = 'base_qry_main.php?new=2' . '&num_result_rows=-1' . '&submit=' . gettext("Query+DB") . '&current_view=-1&ip_addr_cnt=1' . BuildDstIPFormVars($ip); echo '<CENTER>'; echo '<table border=0 cellpadding=0 cellspacing=0 width="90%">'; echo '<tr height=\'20px\'><td> </td><td> </td></tr>'; echo '<tr style="background-color:#F2F2F2;"><td align=\'right\'>'; printf("<FONT>" . gettext("all events with %s/%s as") . ":</FONT>", $ip, $netmask); echo '</td>'; echo '<td align=\'left\' style=\'padding-left:15px;\'> <A HREF="' . $tmp_src_iplookup . '">' . gettext("Source") . '</A> | <A HREF="' . $tmp_dst_iplookup . '">' . gettext("Destination") . '</A> | <A HREF="' . $tmp_srcdst_iplookup . '">' . gettext("Source") . '/' . gettext("Destination") . '</A><BR></td></tr>'; echo '<tr><td align=\'right\'>'; echo gettext("show") . ':</td><td align=\'left\' style=\'padding-left:15px;\'> <A HREF="base_stat_ipaddr.php?ip=' . $ip . '&netmask=' . $netmask . '&action=events">' . gettext("Unique Events") . '</A> | <A HREF="base_stat_ipaddr.php?ip=' . $ip . '&netmask=' . $netmask . '&action=portscan">' . gettext("Portscan Events") . '</A>