OpenNMS API 1.2.3

org.opennms.netmgt.vulnscand
Class NessusScan

java.lang.Object
  extended byorg.opennms.netmgt.vulnscand.NessusScan
All Implemented Interfaces:
java.lang.Runnable

class NessusScan
extends java.lang.Object
implements java.lang.Runnable

This class is a proxy for communications with the Nessus security scanner daemon, nessusd. It has been designed to:

Other functions (arbitrary plugin selection, SSL support) may be added in the future.


Field Summary
private  NessusScanConfiguration config
          Nessus configuration that is used to perform the current scan.
private static java.lang.String INSERT_NEW_VULNERABILITY
          Insert a new vulnerability into the "vulnerabilities" table
private  int lastPlugin
          Integer of the ordinal of the last plugin that was executed against the target.
private static java.lang.String NTP_CLIENT_ENTITY
           
private static java.lang.String NTP_PASSWORD_PROMPT
           
private static java.lang.String NTP_SEP
           
private static java.lang.String NTP_SERVER_ENTITY
           
private static java.lang.String NTP_USERNAME_PROMPT
           
private static java.lang.String NTP_VERSION_STRING
           
private  org.apache.regexp.RE ntpTokenizer
          Regex expression that is used to tokenize the messages from Nessus.
private  java.util.Set openVulnerabilities
          List of the open vulnerabilities on an IP address
private  java.lang.String[] pluginLists
          Array that holds the plugin lists for each scanning level.
private static int PORTSCAN_PLUGIN_ID
           
private static java.lang.String RESOLVE_VULNERABILITY
          Resolve a given vulnerability by its unique ID number.
private  boolean[] safeChecks
          Array that holds the safe-checks settings for each scanning level.
static int SCAN_COMPLETE
           
static int SCAN_FATAL_ERROR
           
static int SCAN_HOST_DOWN
           
static int SCAN_NON_FATAL_ERROR
           
static int SCAN_SUCCESS
           
private static java.lang.String SELECT_ALL_VULNERABILITIES
          Get all unresolved vulnerabilities for a given ipaddr.
private static java.lang.String SELECT_NEXT_ID
          Select the next vulnerabilityID from the sequence
private static java.lang.String SELECT_OPEN_VULNERABILITY
          Find an open vulnerability ID in the database.
private static java.lang.String SELECT_PLUGIN_INFO
          This query retrieves the name and summary of a plugin out of the database so that we can construct the logmsg of the vulnerability with the fields.
private  int totalPlugins
          Counter of the total number of plugins that will be executed against this host.
private static java.lang.String VULNERABILITY_SCAN_ATTEMPTED
          Update the timestamps in an open vulnerability for which the rescan failed.
private static java.lang.String VULNERABILITY_SCANNED
          Update the timestamps in an open vulnerability that was rescanned and still exists.
 
Constructor Summary
NessusScan(NessusScanConfiguration newConfig)
          Create a new scan that will scan the target specified in the configuration and insert the results of the scan into the database.
 
Method Summary
private  java.lang.String buildPreferencesString()
          Build the preferences string with the appropriate plugins and safe_checks settings from the config file.
private  java.lang.String buildStopScanString()
           
private  java.lang.String buildStopWholeTestString()
           
private  void init()
           
private  int processScanMessage(java.lang.String message)
          Process a scan message.
 FifoQueue readLines(java.io.InputStream in)
           
 void run()
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

NTP_VERSION_STRING

private static final java.lang.String NTP_VERSION_STRING
See Also:
Constant Field Values

NTP_CLIENT_ENTITY

private static final java.lang.String NTP_CLIENT_ENTITY
See Also:
Constant Field Values

NTP_SERVER_ENTITY

private static final java.lang.String NTP_SERVER_ENTITY
See Also:
Constant Field Values

NTP_USERNAME_PROMPT

private static final java.lang.String NTP_USERNAME_PROMPT
See Also:
Constant Field Values

NTP_PASSWORD_PROMPT

private static final java.lang.String NTP_PASSWORD_PROMPT
See Also:
Constant Field Values

NTP_SEP

private static final java.lang.String NTP_SEP
See Also:
Constant Field Values

PORTSCAN_PLUGIN_ID

private static final int PORTSCAN_PLUGIN_ID
See Also:
Constant Field Values

SCAN_SUCCESS

public static final int SCAN_SUCCESS
See Also:
Constant Field Values

SCAN_HOST_DOWN

public static final int SCAN_HOST_DOWN
See Also:
Constant Field Values

SCAN_FATAL_ERROR

public static final int SCAN_FATAL_ERROR
See Also:
Constant Field Values

SCAN_NON_FATAL_ERROR

public static final int SCAN_NON_FATAL_ERROR
See Also:
Constant Field Values

SCAN_COMPLETE

public static final int SCAN_COMPLETE
See Also:
Constant Field Values

SELECT_NEXT_ID

private static final java.lang.String SELECT_NEXT_ID
Select the next vulnerabilityID from the sequence

See Also:
Constant Field Values

SELECT_ALL_VULNERABILITIES

private static final java.lang.String SELECT_ALL_VULNERABILITIES
Get all unresolved vulnerabilities for a given ipaddr.

See Also:
Constant Field Values

SELECT_PLUGIN_INFO

private static final java.lang.String SELECT_PLUGIN_INFO
This query retrieves the name and summary of a plugin out of the database so that we can construct the logmsg of the vulnerability with the fields.

See Also:
Constant Field Values

INSERT_NEW_VULNERABILITY

private static final java.lang.String INSERT_NEW_VULNERABILITY
Insert a new vulnerability into the "vulnerabilities" table

See Also:
Constant Field Values

SELECT_OPEN_VULNERABILITY

private static final java.lang.String SELECT_OPEN_VULNERABILITY
Find an open vulnerability ID in the database. The combination of ipaddr, port, protocol, pluginID, and pluginSubID is used as the key for vulnerability uniqueness.

See Also:
Constant Field Values

VULNERABILITY_SCANNED

private static final java.lang.String VULNERABILITY_SCANNED
Update the timestamps in an open vulnerability that was rescanned and still exists.

See Also:
Constant Field Values

VULNERABILITY_SCAN_ATTEMPTED

private static final java.lang.String VULNERABILITY_SCAN_ATTEMPTED
Update the timestamps in an open vulnerability for which the rescan failed.

See Also:
Constant Field Values

RESOLVE_VULNERABILITY

private static final java.lang.String RESOLVE_VULNERABILITY
Resolve a given vulnerability by its unique ID number.

See Also:
Constant Field Values

config

private NessusScanConfiguration config
Nessus configuration that is used to perform the current scan.


ntpTokenizer

private org.apache.regexp.RE ntpTokenizer
Regex expression that is used to tokenize the messages from Nessus.


openVulnerabilities

private java.util.Set openVulnerabilities
List of the open vulnerabilities on an IP address


pluginLists

private java.lang.String[] pluginLists
Array that holds the plugin lists for each scanning level.


safeChecks

private boolean[] safeChecks
Array that holds the safe-checks settings for each scanning level.


lastPlugin

private int lastPlugin
Integer of the ordinal of the last plugin that was executed against the target. This number is used to ensure that if the scan is terminated prematurely because of an unreachable host in the list, the vulnerabilities are not marked resolved.


totalPlugins

private int totalPlugins
Counter of the total number of plugins that will be executed against this host.

Constructor Detail

NessusScan

public NessusScan(NessusScanConfiguration newConfig)
           throws java.lang.IllegalArgumentException
Create a new scan that will scan the target specified in the configuration and insert the results of the scan into the database.

Method Detail

init

private void init()

run

public void run()
Specified by:
run in interface java.lang.Runnable

buildStopWholeTestString

private java.lang.String buildStopWholeTestString()

buildStopScanString

private java.lang.String buildStopScanString()

buildPreferencesString

private java.lang.String buildPreferencesString()
Build the preferences string with the appropriate plugins and safe_checks settings from the config file.


processScanMessage

private int processScanMessage(java.lang.String message)
Process a scan message.

This function is designed to parse any messages that come from Nessus during a scan session (eg. after the NEW_ATTACK directive has been sent)

The following types of events are handled:


readLines

public FifoQueue readLines(java.io.InputStream in)

OpenNMS API 1.2.3

Generated by eevans on May 29 2005 2015.