Red Hat NETWORK 3.6 - Guía de usuario descargar pdf (Pagina 34)

seealso

If one or more URLs are available, this keyword can be used

to display them. Multiple URLs can be specified on one line

with commas. Example entries for this could include CERT

advisories and vendor information web sites. Note: PVS 3.0.x

will only display the last seealso defined in the PRM. PVS 3.2

and later will display multiple seealso directives.

solution

If a solution is available, it can be described here. The report

section will highlight the solution with different text.

sport

This setting applies the PVS plugin to just one port. For

example, it may make sense to write a SNMP plugin that just

looks for activity on port 162. However, for detection of off-

port services like a web server running on port 8080, a

“sport” field would not be used in the plugin.

syslog_cutoff

This option will affect the output sent to servers specified

with realtime-syslog, as well as the data in the file

specified with realtime-file. By specifying a token (e.g.,

“required”), the syslog message generated from the sniffed

packet will be truncated from the token on.

timed-dependency

With this keyword, the functionality of the “noplugin” and

“dependency” keywords is slightly modified such that the

evaluation must have occurred within the last “n” seconds.

udp

All plugins are assumed to be based on the TCP protocol

unless this keyword is specified.

In addition to tcp or udp, the following protocols are supported: sctp, icmp, igmp,

ipip, egp, pup, idp, tp, rsvp, gre, pim, esp, ah, mtp, encap, pim, comp, raw or

other.

The max_syslog, pmax_syslog, syslog_cutoff, and psyslog_cutoff directives

can be used in any combination. If multiple limits are reached, the smallest limit

will take effect.

Plugin Libraries

When writing PVS plugins in a .prm library, spaces are allowed, as are comment fields that

start with a number sign. Each plugin must be separated with the word “NEXT” on a single

line.

Simply creating a .prm file in the plugins directory will make it available for use. PVS must

be restarted for the new plugins to be used.

Basic Passive Vulnerability Scanner Example

This plugin illustrates the basic concepts of PVS plugin writing:

id=1001

nid=11414

1 2 ... 29 30 31 32 33 34 35 36 37 38 39 ... 60 61

Comentarios a estos manuales

Sin comentarios

Red Hat NETWORK 3.6 - Guía de usuario Pagina 34

Comentarios a estos manuales

Relacionado con productos y manuales para Servidores Red Hat NETWORK 3.6 -