Exemple #1
0
            public void ShouldParseResponseAndReturnTheValuesInTheEventPayload()
            {
                IEnumerable <IEvent> events = _generator.GetEvents();

                Assert.AreEqual(1, events.Count());
                Assert.IsInstanceOfType(events.First(), typeof(ListeningPorts));
                ListeningPorts listeningPortsEvent = (ListeningPorts)events.First();

                Assert.AreEqual(1, listeningPortsEvent.Payload.Count());
                ListeningPortsPayload payload = listeningPortsEvent.Payload.First();

                Assert.AreEqual("80", payload.LocalPort);
                Assert.AreEqual("0", payload.RemotePort);
                Assert.AreEqual("tcp", payload.Protocol);
            }
Exemple #2
0
        public void ListeningPorts()
        {
            var payload = new ListeningPortsPayload
            {
                LocalAddress  = "::ffff:c000:0280",
                LocalPort     = "234",
                Protocol      = "tcp",
                RemoteAddress = "192.168.0.1",
                RemotePort    = "32"
            };

            var obj = new ListeningPorts(EventPriority.Operational, payload);

            obj.ValidateSchema();
        }
Exemple #3
0
        /// <summary>
        /// Read the netsat output
        /// Create an event that conatins all the open ports in state LISTEN (UDP and TCP)
        /// </summary>
        /// <returns>List of open ports event</returns>
        protected override List <IEvent> GetEventsImpl()
        {
            //Run netstat and parse the output
            const string netstatCommand           = "netstat -ln";
            string       content                  = _processUtil.ExecuteBashShellCommand(netstatCommand);
            List <ListeningPortsPayload> payloads = NetstatUtils.ParseNetstatListeners(content, LocalAddressColumnNumber, RemoteAddressColumnNumber);

            SimpleLogger.Debug($"NetstatEventGenerator returns {payloads.Count} payloads");

            var openPorts = new ListeningPorts(Priority, payloads.ToArray());

            return(new List <IEvent>()
            {
                openPorts
            });
        }
Exemple #4
0
        /// <summary>
        /// Read the netsat output
        /// Create an event that conatins all the open ports in state LISTEN (UDP and TCP)
        /// </summary>
        /// <returns>List of open ports event</returns>
        protected override List <IEvent> GetEventsImpl()
        {
            //Run netstat and parse the output
            //We redirect stderr to /dev/null to avoid root requirements (sudo)
            const string netstatCommand           = "netstat -an";
            string       content                  = _processUtil.ExecuteWindowsCommand(netstatCommand);
            List <ListeningPortsPayload> payloads = NetstatUtils.ParseNetstatListeners(content, LocalAddressColumnNumber, RemoteAddressColumnNumber);

            SimpleLogger.Debug($"NetstatEventGenerator returns {payloads.Count} payloads");

            var openPorts = new ListeningPorts(Priority, payloads.ToArray());

            return(new List <IEvent>()
            {
                openPorts
            });
        }