Пример #1
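/*
 * Page setup for the per-address view titled "<ip>/<netmask>": reads the
 * submit value, connects to the alert database, prints the sub-header and
 * prepares the query links for the address.
 * $ip, $netmask, $sig, $cs and the configuration variables used below are
 * defined outside this excerpt.
 */
// NOTE(review): VAR_ALPHA | VAR_SPACE presumably limits the value to letters
// and spaces -- confirm against ImportHTTPVar().
$submit = ImportHTTPVar("submit", VAR_ALPHA | VAR_SPACE);
// Check role out and redirect if needed -- Kevin
// NOTE(review): the role check below is commented out, so $roleneeded is
// assigned but never read here and this excerpt enforces no authorization
// itself -- confirm access control is applied before this point.
$roleneeded = 10000;
#$BUser = new BaseUser();
#if (($BUser->hasRole($roleneeded) == 0) && ($Use_Auth_System == 1)) base_header("Location: " . $BASE_urlpath . "/index.php");
// Fall back to "32" when no mask was supplied (presumably a single-host prefix).
// NOTE(review): nothing in this excerpt checks that $netmask is numeric or in
// range -- confirm it is validated where it is read.
if ($netmask == '') {
    $netmask = "32";
}
// NOTE(review): the title is built from $ip and $netmask without escaping here,
// while the printf() at the end escapes both -- confirm PrintBASESubHeader()
// escapes its arguments before writing them into the page.
$page_title = $ip . '/' . $netmask;
/* Connect to the Alert database */
$db = NewBASEDBConnection($DBlib_path, $DBtype);
$db->baseDBConnect($db_connect_method, $alert_dbname, $alert_host, $alert_port, $alert_user, $alert_password);
// Include base_header.php
PrintBASESubHeader($page_title, $page_title, $cs->GetBackLink(), 1);
if ($event_cache_auto_update == 1) {
    UpdateAlertCache($db);
}
// Blank the signature criterion when it names spp_portscan. The isset() guard
// keeps a missing $sig, or one without index 1, from raising an
// undefined-variable / undefined-index error before the comparison.
if (isset($sig[1]) && is_array($sig) && strstr($sig[1], "spp_portscan")) {
    $sig[1] = "";
}
/*  Build new link for criteria-based sensor page
*                    -- ALS <*****@*****.**>
*/
// NOTE(review): the four URLs below mix raw '&' and '&amp;' separators and
// insert the translated "Query DB" label without urlencode(). Where they are
// emitted is outside this excerpt -- confirm the output context (HTML
// attribute or header) and that the Build*IPFormVars() helpers encode $ip.
$tmp_sensor_lookup = 'base_stat_sensor.php?ip_addr_cnt=2&m_opt=analysis&sm_opt=security_events&h_opt=security_events' . BuildIPFormVars($ip);
$tmp_srcdst_iplookup = 'base_qry_main.php?new=2&m_opt=analysis&sm_opt=security_events&h_opt=security_events' . '&amp;num_result_rows=-1' . '&amp;submit=' . gettext("Query DB") . '&amp;current_view=-1&amp;ip_addr_cnt=2' . BuildIPFormVars($ip);
$tmp_src_iplookup = 'base_qry_main.php?new=2&m_opt=analysis&sm_opt=security_events&h_opt=security_events' . '&amp;num_result_rows=-1' . '&amp;submit=' . gettext("Query DB") . '&amp;current_view=-1&amp;ip_addr_cnt=1' . BuildSrcIPFormVars($ip);
$tmp_dst_iplookup = 'base_qry_main.php?new=2&m_opt=analysis&sm_opt=security_events&h_opt=security_events' . '&amp;num_result_rows=-1' . '&amp;submit=' . gettext("Query DB") . '&amp;current_view=-1&amp;ip_addr_cnt=1' . BuildDstIPFormVars($ip);
echo '<CENTER><BR>';
echo '<table border=0 cellpadding=0 cellspacing=0 class="table_list" style="width:90%">';
echo '<tr style="background-color:#F2F2F2;"><td align=\'right\' class="uppercase">';
// Both values are passed through Util::htmlentities() before being written
// into the markup; the format string itself comes from the translation catalog.
printf("<FONT>" . gettext("all events with <b>%s/%s</b> as") . ":</FONT>", Util::htmlentities($ip), Util::htmlentities($netmask));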
Пример #2
/*
 * Page setup for the view whose criteria state is keyed "base_stat_otx.php":
 * connects to the alert database, loads the criteria and query state,
 * optionally refreshes the alert cache, prints the sub-header and joins the
 * two criteria fragments returned by ProcessCriteria().
 * $page_title and the configuration variables are defined outside this excerpt.
 */
// NOTE(review): the role check below is commented out, so this excerpt enforces
// no authorization itself -- confirm access control is applied before this point.
#$BUser = new BaseUser();
#if (($BUser->hasRole($roleneeded) == 0) && ($Use_Auth_System == 1)) base_header("Location: " . $BASE_urlpath . "/index.php");
$et = new EventTiming($debug_time_mode);
// The below three lines were moved from line 87 because of the odd errors some users were having
/* Connect to the Alert database */
$db = NewBASEDBConnection($DBlib_path, $DBtype);
// The meaning of the trailing 0, 1 arguments is not visible here -- see baseDBConnect().
$db->baseDBConnect($db_connect_method, $alert_dbname, $alert_host, $alert_port, $alert_user, $alert_password, 0, 1);
// NOTE(review): ReadState() presumably loads the search criteria from the
// request or session -- confirm where that input is validated.
$cs = new CriteriaState("base_stat_otx.php", "");
$cs->ReadState();
/* Dump some debugging information on the shared state */
// if ($debug_mode > 0) {
    // PrintCriteriaState();
// }
$qs = new QueryState();

// Refresh the alert cache first when auto-update is enabled.
if ($event_cache_auto_update == 1) UpdateAlertCache($db);
// Elements [0] and [1] of the result are used below as text fragments.
$criteria_clauses = ProcessCriteria();

// Include base_header.php
// For a canned query the description is appended to the title in both title arguments.
if ($qs->isCannedQuery()) PrintBASESubHeader($page_title . ": " . $qs->GetCurrentCannedQueryDesc() , $page_title . ": " . $qs->GetCurrentCannedQueryDesc() , $cs->GetBackLink() , 1);
else PrintBASESubHeader($page_title, $page_title, $cs->GetBackLink() , 1);

// NOTE(review): the code after this run concatenates $criteria_clauses[0] into
// a FROM clause and $criteria_clauses[1] into a WHERE clause as raw SQL text,
// so any escaping of user-supplied criteria has to happen inside
// ProcessCriteria() -- confirm that it does.
$criteria = $criteria_clauses[0] . " " . $criteria_clauses[1];

if (preg_match("/otx_data/",$criteria)) 
{
    $where  = " WHERE " . $criteria_clauses[1];
    $from   = " FROM acid_event " . $criteria_clauses[0];
}
else
{
Пример #3
/**
 * Post-action hook for the archive action: refreshes the alert cache on both
 * database handles so cid values are set and the caches are current.
 *
 * $action_arg, $num_alert and $action_cnt are accepted but not used here.
 *
 * @param mixed $action_arg  Not read by this hook.
 * @param mixed $action_ctx  Passed by reference; used as the archive database handle.
 * @param mixed $db          Alert database handle.
 * @param mixed $num_alert   Passed by reference; left unchanged.
 * @param mixed $action_cnt  Not read by this hook.
 */
function Action_archive_alert_post($action_arg, &$action_ctx, $db, &$num_alert, $action_cnt)
{
    /* BEGIN LOCAL FIX */
    /* The action context is the archive database: refresh it first, then the source database. */
    UpdateAlertCache($action_ctx);
    UpdateAlertCache($db);
    /* END LOCAL FIX */
}
Пример #4
/**
 * Post-action hook for the second archive action: refreshes the alert cache
 * on both database handles, then lowers the caller's alert count by the
 * number of alerts acted on so the re-executed query reflects the deletion.
 *
 * $action_arg is accepted but not used here.
 *
 * @param mixed $action_arg  Not read by this hook.
 * @param mixed $action_ctx  Passed by reference; used as the archive database handle.
 * @param mixed $db          Alert database handle.
 * @param mixed $num_alert   Passed by reference; reduced by $action_cnt.
 * @param mixed $action_cnt  Number subtracted from $num_alert.
 */
function Action_archive_alert2_post($action_arg, &$action_ctx, $db, &$num_alert, $action_cnt)
{
    /* BEGIN LOCAL FIX */
    /* The action context is the archive database: refresh it first, then the source database. */
    UpdateAlertCache($action_ctx);
    UpdateAlertCache($db);
    /* END LOCAL FIX */

    /* The caller's counter is a reference; subtract the alerts just handled. */
    $num_alert = $num_alert - $action_cnt;
}