mirror of
https://github.com/pandorafms/pandorafms.git
synced 2025-07-31 01:35:36 +02:00
2009-08-19 Sancho lerena <slerena@artica.es>
* pandora_server.spec: Added nmap to required packages, removed xprobe2. * lib/PandoraFMS/Config.pm, conf/pandora_server.conf: New token for nmap. * lib/PandoraFMS/ReconServer.pm: New parent detection, TCP scanning implemented using NMAP. Implemented TCP profile scanning. * lib/PandoraFMS/Tools.pm: Some reordering in pandora_get_os() gives more accurate OS guessing. enterprise_hook() now doesn't yell when enterprise is not found :-) git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1868 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
parent
7c3014607c
commit
8c3452ab60
@ -4,6 +4,17 @@
|
|||||||
|
|
||||||
2009-08-19 Sancho lerena <slerena@artica.es>
|
2009-08-19 Sancho lerena <slerena@artica.es>
|
||||||
|
|
||||||
|
* pandora_server.spec: Added nmap to required packages, removed xprobe2.
|
||||||
|
|
||||||
|
* lib/PandoraFMS/Config.pm, conf/pandora_server.conf: New token for nmap.
|
||||||
|
|
||||||
|
* lib/PandoraFMS/ReconServer.pm: New parent detection, TCP scanning imple-
|
||||||
|
mented using NMAP. Implemented TCP profile scanning.
|
||||||
|
|
||||||
|
* lib/PandoraFMS/Tools.pm: Some reordering in pandora_get_os() gives
|
||||||
|
more accurate OS guessing. enterprise_hook() now don't yell when enterprise
|
||||||
|
is not found :-)
|
||||||
|
|
||||||
* pandora_server.spec: Updated some dependencies. Also included the
|
* pandora_server.spec: Updated some dependencies. Also included the
|
||||||
install of pandora_db maintance script in cron.daily.
|
install of pandora_db maintance script in cron.daily.
|
||||||
|
|
||||||
|
@ -172,11 +172,18 @@ mta_address localhost
|
|||||||
# mta_from: Email address that sends the mail, by default is pandora@localhost
|
# mta_from: Email address that sends the mail, by default is pandora@localhost
|
||||||
# probably you need to change it to avoid problems with your antispam
|
# probably you need to change it to avoid problems with your antispam
|
||||||
|
|
||||||
# xprobe: If provided, is used to detect with recon server, OS fingerprint
|
# xprobe2: Optional package to detect OS types using advanced TCP/IP
|
||||||
# of detected hosts. Xprobe2 is a GNU tool to detect OS types.
|
# fingerprinting tecniques, much more accurates than stadard nmap.
|
||||||
|
# If not provided, nmap is used insted xprobe2
|
||||||
|
|
||||||
xprobe2 /usr/bin/xprobe2
|
xprobe2 /usr/bin/xprobe2
|
||||||
|
|
||||||
|
# nmap: If provided, is used to detect OS type with recon server using
|
||||||
|
# advanded OS fingerprint technique. Xprobe2 gives more accurate results
|
||||||
|
# Nmap is also used to do TCP port scanning in detected host.
|
||||||
|
|
||||||
|
nmap /usr/bin/nmap
|
||||||
|
|
||||||
# snmpget: Needed to do SNMP checks. By default is on /usr/bin/snmpget
|
# snmpget: Needed to do SNMP checks. By default is on /usr/bin/snmpget
|
||||||
|
|
||||||
snmpget /usr/bin/snmpget
|
snmpget /usr/bin/snmpget
|
||||||
|
@ -37,7 +37,7 @@ our @EXPORT = qw(
|
|||||||
|
|
||||||
# version: Defines actual version of Pandora Server for this module only
|
# version: Defines actual version of Pandora Server for this module only
|
||||||
my $pandora_version = "3.0-dev";
|
my $pandora_version = "3.0-dev";
|
||||||
my $pandora_build = "PS090810";
|
my $pandora_build = "PS090819";
|
||||||
our $VERSION = $pandora_version." ".$pandora_build;
|
our $VERSION = $pandora_version." ".$pandora_build;
|
||||||
|
|
||||||
# Setup hash
|
# Setup hash
|
||||||
@ -195,8 +195,12 @@ sub pandora_load_config {
|
|||||||
$pa_config->{"mta_auth"} = 'none'; # Introduced on 2.0 (Support LOGIN PLAIN CRAM-MD5 DIGEST-MD)
|
$pa_config->{"mta_auth"} = 'none'; # Introduced on 2.0 (Support LOGIN PLAIN CRAM-MD5 DIGEST-MD)
|
||||||
$pa_config->{"mta_from"} = 'pandora@localhost'; # Introduced on 2.0
|
$pa_config->{"mta_from"} = 'pandora@localhost'; # Introduced on 2.0
|
||||||
|
|
||||||
# Xprobe2 for recon OS fingerprinting (optional feature to detect OS)
|
# nmap for recon OS fingerprinting and tcpscan (optional)
|
||||||
$pa_config->{"xprobe2"} = "/usr/bin/xprobe2";
|
$pa_config->{"nmap"} = "/usr/bin/nmap";
|
||||||
|
|
||||||
|
# Xprobe2 for recon OS fingerprinting and tcpscan (optional)
|
||||||
|
$pa_config->{"xprobe2"} = "/usr/bin/xprobe";
|
||||||
|
|
||||||
|
|
||||||
# Snmpget for snmpget system command (optional)
|
# Snmpget for snmpget system command (optional)
|
||||||
$pa_config->{"snmpget"} = "/usr/bin/snmpget";
|
$pa_config->{"snmpget"} = "/usr/bin/snmpget";
|
||||||
@ -421,6 +425,9 @@ sub pandora_load_config {
|
|||||||
$pa_config->{"keepalive"} = clean_blank($1);
|
$pa_config->{"keepalive"} = clean_blank($1);
|
||||||
$pa_config->{"keepalive_orig"} = clean_blank($1);
|
$pa_config->{"keepalive_orig"} = clean_blank($1);
|
||||||
}
|
}
|
||||||
|
elsif ($parametro =~ m/^nmap\s(.*)/i) {
|
||||||
|
$pa_config->{'nmap'}= clean_blank($1);
|
||||||
|
}
|
||||||
elsif ($parametro =~ m/^xprobe2\s(.*)/i) {
|
elsif ($parametro =~ m/^xprobe2\s(.*)/i) {
|
||||||
$pa_config->{'xprobe2'}= clean_blank($1);
|
$pa_config->{'xprobe2'}= clean_blank($1);
|
||||||
}
|
}
|
||||||
|
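Review bot: The new default `$pa_config->{"xprobe2"} = "/usr/bin/xprobe";` in the second hunk drops the trailing 2, while the sample pandora_server.conf in this commit and the previous default both use /usr/bin/xprobe2; if that is unintended, it should stay `$pa_config->{"xprobe2"} = "/usr/bin/xprobe2";`. Its comment also says "and tcpscan", which looks copied from the nmap line; `# Xprobe2 for recon OS fingerprinting (optional)` would match the code. The `nmap` and `xprobe2` tokens parsed in the third hunk are stored as-is via `clean_blank($1)`, and ReconServer.pm in this commit places them in backtick commands, so a comment on those branches stating that the value must be an absolute path to a trusted binary would help whoever edits the config file. pandora_load_config starts and ends outside these hunks.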
@ -25,7 +25,6 @@ use threads::shared;
|
|||||||
use Thread::Semaphore;
|
use Thread::Semaphore;
|
||||||
|
|
||||||
use IO::Socket::INET;
|
use IO::Socket::INET;
|
||||||
use Net::Ping;
|
|
||||||
use NetAddr::IP;
|
use NetAddr::IP;
|
||||||
use POSIX qw(strftime ceil);
|
use POSIX qw(strftime ceil);
|
||||||
|
|
||||||
@ -128,35 +127,22 @@ sub data_consumer ($$) {
|
|||||||
# Does the host already exist?
|
# Does the host already exist?
|
||||||
next if (get_agent_from_addr ($dbh, $addr) > 0);
|
next if (get_agent_from_addr ($dbh, $addr) > 0);
|
||||||
|
|
||||||
# Is the host alive? (thanks to Evi for the TCP scans)
|
|
||||||
my $alive = 0;
|
my $alive = 0;
|
||||||
if (pandora_ping ($pa_config, $addr) == 1) {
|
if (pandora_ping ($pa_config, $addr) == 1) {
|
||||||
$alive = 1;
|
$alive = 1;
|
||||||
#Check for Remote Desktop & VNC (Desktop & Server machines)
|
# TCP Port profiling
|
||||||
#} elsif (tcp_scan ($addr, $pa_config->{'networktimeout'}, 3389) == 1 ||
|
if ((defined ($task->{'recon_ports'})) && ($task->{'recon_ports'} ne "")) {
|
||||||
# tcp_scan ($addr, $pa_config->{'networktimeout'}, 5900) == 1) {
|
$alive = tcp_scan ($pa_config, $addr, $task->{'recon_ports'});
|
||||||
# $alive = 1;
|
}
|
||||||
#Check for management ports 10000 = Webmin, 161 = SNMP (Most embedded devices)
|
|
||||||
#} elsif (tcp_scan ($addr, $pa_config->{'networktimeout'}, 10000) == 1 ||
|
|
||||||
# tcp_scan ($addr, $pa_config->{'networktimeout'}, 161) == 1) {
|
|
||||||
# $alive = 1;
|
|
||||||
#Check for SSH & Mail (Servers and Unix machines)
|
|
||||||
#} elsif (tcp_scan ($addr, $pa_config->{'networktimeout'}, 22) == 1 ||
|
|
||||||
# tcp_scan ($addr, $pa_config->{'networktimeout'}, 25) == 1) {
|
|
||||||
# $alive = 1;
|
|
||||||
#Check for WWW & MySQL (Webservers and systems in a DMZ)
|
|
||||||
#} elsif (tcp_scan ($addr, $pa_config->{'networktimeout'}, 80) == 1 ||
|
|
||||||
# tcp_scan ($addr, $pa_config->{'networktimeout'}, 3306) == 1) {
|
|
||||||
# $alive = 1;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
next unless ($alive == 1);
|
next unless ($alive > 0);
|
||||||
|
|
||||||
# Guess the OS and filter
|
# Guess the OS and filter
|
||||||
my $id_os = guess_os ($pa_config, $addr);
|
my $id_os = guess_os ($pa_config, $addr);
|
||||||
next if ($task->{'id_os'} > 0 && $task->{'id_os'} != $id_os);
|
next if ($task->{'id_os'} > 0 && $task->{'id_os'} != $id_os);
|
||||||
|
|
||||||
$hosts_found++;
|
$hosts_found ++;
|
||||||
$addr_found .= $addr . " ";
|
$addr_found .= $addr . " ";
|
||||||
|
|
||||||
# Resolve the address
|
# Resolve the address
|
||||||
@ -205,22 +191,15 @@ sub data_consumer ($$) {
|
|||||||
# TCP scan the given host/port. Returns 1 if successful, 0 otherwise.
|
# TCP scan the given host/port. Returns 1 if successful, 0 otherwise.
|
||||||
##############################################################################
|
##############################################################################
|
||||||
sub tcp_scan ($$$) {
|
sub tcp_scan ($$$) {
|
||||||
my ($host, $timeout, $port) = @_;
|
my ($pa_config, $host, $portlist) = @_;
|
||||||
my $rc = 0;
|
my $runcommand;
|
||||||
|
|
||||||
eval {
|
my $nmap = $pa_config->{'nmap'};
|
||||||
local $SIG{'ALRM'} = sub { return 0; };
|
eval {
|
||||||
alarm ($timeout);
|
$runcommand = `$nmap -p$portlist $host | grep open | wc -l`;
|
||||||
my $handle=IO::Socket::INET->new(
|
|
||||||
Proto => 'tcp',
|
|
||||||
PeerAddr => $host,
|
|
||||||
PeerPort => $port);
|
|
||||||
$rc = 1 if ($handle);
|
|
||||||
alarm (0);
|
|
||||||
};
|
};
|
||||||
|
return 0 if ($@);
|
||||||
return 0 if ($@);
|
return $runcommand;
|
||||||
return $rc;
|
|
||||||
}
|
}
|
||||||
|
|
||||||
##########################################################################
|
##########################################################################
|
||||||
@ -228,21 +207,26 @@ sub tcp_scan ($$$) {
|
|||||||
##########################################################################
|
##########################################################################
|
||||||
sub guess_os {
|
sub guess_os {
|
||||||
my ($pa_config, $host) = @_;
|
my ($pa_config, $host) = @_;
|
||||||
|
my $nmap = $pa_config->{'nmap'};
|
||||||
|
my $xprobe = $pa_config->{'xprobe2'};
|
||||||
|
|
||||||
my $xprobe2 = $pa_config->{'xprobe2'};
|
# if xprobe2 not available, use nmap, if not, not able to detect OS
|
||||||
|
if (! -e $xprobe){
|
||||||
# Other OS
|
return 10 if (! -e $nmap);
|
||||||
return 10 if (! -e $xprobe2);
|
}
|
||||||
|
|
||||||
# Execute xprobe2
|
# Execute Nmap (4.x) or Xprobe2
|
||||||
my $output = '';
|
my $output = '';
|
||||||
eval {
|
eval {
|
||||||
$output = `$xprobe2 $host 2> /dev/null | grep "Running OS" 2> /dev/null | head -1 2> /dev/null`;
|
if (-e $xprobe){
|
||||||
|
$output = `$xprobe $host 2> /dev/null | grep 'Running OS' | head -1`;
|
||||||
|
} else {
|
||||||
|
$output = `$nmap -F -O $host 2> /dev/null | grep 'Aggressive OS guesses'`;
|
||||||
|
}
|
||||||
};
|
};
|
||||||
|
|
||||||
# Check for errors
|
# Check for errors
|
||||||
return 10 if ($@);
|
return 10 if ($@);
|
||||||
|
|
||||||
return pandora_get_os ($output);
|
return pandora_get_os ($output);
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -328,13 +312,14 @@ sub get_host_parent ($$){
|
|||||||
# Traceroute not available
|
# Traceroute not available
|
||||||
return 0 unless ($TracerouteAvailable != 0);
|
return 0 unless ($TracerouteAvailable != 0);
|
||||||
|
|
||||||
|
my $traceroutetimeout = $pa_config->{'networktimeout'} * 2;
|
||||||
my $tr = Net::Traceroute::PurePerl->new (
|
my $tr = Net::Traceroute::PurePerl->new (
|
||||||
backend => 'PurePerl',
|
backend => 'PurePerl',
|
||||||
host => $host,
|
host => $host,
|
||||||
debug => 0,
|
debug => 0,
|
||||||
max_ttl => 15,
|
max_ttl => 15,
|
||||||
query_timeout => $pa_config->{'networktimeout'},
|
query_timeout => $traceroutetimeout,
|
||||||
packetlen => 40,
|
packetlen => 80,
|
||||||
protocol => 'udp', # udp or icmp
|
protocol => 'udp', # udp or icmp
|
||||||
);
|
);
|
||||||
|
|
||||||
@ -343,7 +328,7 @@ sub get_host_parent ($$){
|
|||||||
# Call traceroute
|
# Call traceroute
|
||||||
eval {
|
eval {
|
||||||
local $SIG{'ALRM'} = sub { return 0; };
|
local $SIG{'ALRM'} = sub { return 0; };
|
||||||
alarm($pa_config->{'networktimeout'});
|
alarm($traceroutetimeout);
|
||||||
$success = $tr->traceroute();
|
$success = $tr->traceroute();
|
||||||
alarm(0);
|
alarm(0);
|
||||||
};
|
};
|
||||||
@ -354,8 +339,21 @@ sub get_host_parent ($$){
|
|||||||
# Traceroute was not successful
|
# Traceroute was not successful
|
||||||
return 0 if ($tr->hops < 2 || $success == 0);
|
return 0 if ($tr->hops < 2 || $success == 0);
|
||||||
|
|
||||||
my $parent_addr = $tr->hop_query_host($tr->hops - 1, 0);
|
my $hopstotal = $tr->hops;
|
||||||
return get_agent_from_addr ($dbh, $parent_addr);
|
$hopstotal--;
|
||||||
|
|
||||||
|
# Run all list of parents until find a known parent
|
||||||
|
my $parent_addr;
|
||||||
|
my $parent_addr_check;
|
||||||
|
|
||||||
|
for (my $ax=$hopstotal; $ax >= 0; $ax--){
|
||||||
|
$parent_addr = $tr->hop_query_host($ax, 0);
|
||||||
|
$parent_addr_check = get_addr_id ($dbh, $parent_addr);
|
||||||
|
if ($parent_addr_check != -1){
|
||||||
|
return get_agent_from_addr ($dbh, $parent_addr);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
1;
|
1;
|
||||||
|
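Review bot: In the rewritten tcp_scan (as the new side reads in this rendering), `$portlist`, which data_consumer takes from `$task->{'recon_ports'}`, and `$host` are interpolated into a backtick command line, so shell metacharacters in a recon task's port field would be interpreted by /bin/sh under the server's account. The field should be checked against nmap's port syntax before use and nmap run through a list-form pipe open, which also removes the `grep | wc -l` pipeline and the trailing newline in the returned count. Backticks do not die on failure, so the `eval` / `$@` check never fires, and the alarm-based timeout of the old code is gone, leaving a missing or hung nmap unhandled. The header comment above the sub still says it returns 1 or 0, while it now returns the number of open-port lines. The port pattern below is deliberately narrow; widen it only if tasks are expected to use other nmap port specifiers.

```perl
sub tcp_scan ($$$) {
	my ($pa_config, $host, $portlist) = @_;
	my $nmap = $pa_config->{'nmap'};

	# Accept only digits, commas and ranges for the port list, and a plain
	# host name or address that cannot be read as an nmap option.
	return 0 unless (defined ($portlist) && $portlist =~ m/\A[0-9][0-9,\-]*\z/);
	return 0 unless (defined ($host) && $host =~ m/\A[A-Za-z0-9][A-Za-z0-9.:\-]*\z/);
	return 0 unless (defined ($nmap) && -x $nmap);

	# List-form pipe open executes nmap directly, with no shell in between.
	open (my $scan, '-|', $nmap, '-p', $portlist, $host) or return 0;
	my $open_ports = grep { m/open/ } <$scan>;
	close ($scan);

	# Number of output lines that mention an open port (0 when none).
	return $open_ports;
}
```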
@ -73,12 +73,6 @@ sub pandora_get_os ($) {
|
|||||||
if ($command =~ m/Windows/i){
|
if ($command =~ m/Windows/i){
|
||||||
return 9;
|
return 9;
|
||||||
}
|
}
|
||||||
elsif ($command =~ m/Linux/i){
|
|
||||||
return 1;
|
|
||||||
}
|
|
||||||
elsif ($command =~ m/BSD/i){
|
|
||||||
return 4;
|
|
||||||
}
|
|
||||||
elsif ($command =~ m/Cisco/i){
|
elsif ($command =~ m/Cisco/i){
|
||||||
return 7;
|
return 7;
|
||||||
}
|
}
|
||||||
@ -97,9 +91,21 @@ sub pandora_get_os ($) {
|
|||||||
elsif ($command =~ m/Apple/i){
|
elsif ($command =~ m/Apple/i){
|
||||||
return 8;
|
return 8;
|
||||||
}
|
}
|
||||||
|
elsif ($command =~ m/Linux/i){
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
elsif ($command =~ m/Enterasys/i){
|
||||||
|
return 11;
|
||||||
|
}
|
||||||
|
elsif ($command =~ m/3com/i){
|
||||||
|
return 11;
|
||||||
|
}
|
||||||
elsif ($command =~ m/Octopus/i){
|
elsif ($command =~ m/Octopus/i){
|
||||||
return 13;
|
return 13;
|
||||||
}
|
}
|
||||||
|
elsif ($command =~ m/BSD/i){
|
||||||
|
return 4;
|
||||||
|
}
|
||||||
else {
|
else {
|
||||||
return 10; # Unknown / Other
|
return 10; # Unknown / Other
|
||||||
}
|
}
|
||||||
@ -346,12 +352,15 @@ sub enterprise_hook ($$) {
|
|||||||
# Prepend the package name
|
# Prepend the package name
|
||||||
$func = 'PandoraFMS::Enterprise::' . $func;
|
$func = 'PandoraFMS::Enterprise::' . $func;
|
||||||
|
|
||||||
# Try to call the function
|
# Check if exist before try to call it
|
||||||
my $output = eval { &$func (@args); };
|
my $output = `perl -e "use $func"`;
|
||||||
|
|
||||||
# Check for errors
|
if ($output){
|
||||||
return undef if ($@);
|
# Try to call the function
|
||||||
|
$output = eval { &$func (@args); };
|
||||||
|
} else {
|
||||||
|
return $undef;
|
||||||
|
}
|
||||||
return $output;
|
return $output;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
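Review bot: The new existence check in enterprise_hook runs `perl -e "use $func"` through backticks and cannot tell a present module from a missing one: backticks capture only stdout, and `use` prints nothing there in either case, so `$output` is always empty and the `else` branch runs. That branch returns `$undef`, a variable not declared anywhere in the hunk, which would fail to compile if the file runs under `use strict`. The check also spawns a shell and a second interpreter with `$func` interpolated into the command on every hook call, and it tests for a module named after the function rather than for the function itself. An in-process test avoids all of this: `return undef unless (defined (&$func));` followed by the original `my $output = eval { &$func (@args); };`. enterprise_hook begins outside the hunk.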
@ -21,8 +21,9 @@ BuildArchitectures: noarch
|
|||||||
Requires(pre): /usr/sbin/useradd
|
Requires(pre): /usr/sbin/useradd
|
||||||
AutoReq: 0
|
AutoReq: 0
|
||||||
Provides: %{name}-%{version}
|
Provides: %{name}-%{version}
|
||||||
Requires: perl-mail-sendmail perl-DBI perl-DBD-mysql perl-time-format perl-mail-sendmail perl-netaddr-ip wmic perl-SNMP net-snmp
|
Requires: perl-mail-sendmail perl-DBI perl-DBD-mysql perl-time-format
|
||||||
#Requires: xprobe2
|
Requires: perl-mail-sendmail perl-netaddr-ip perl-SNMP net-snmp
|
||||||
|
Requires: nmap wmic
|
||||||
|
|
||||||
%description
|
%description
|
||||||
Pandora FMS is a monitoring system for big IT environments. It uses remote tests, or local agents to grab information. Pandora supports all standard OS (Linux, AIX, HP-UX, Solaris and Windows XP,2000/2003), and support multiple setups in HA enviroments.
|
Pandora FMS is a monitoring system for big IT environments. It uses remote tests, or local agents to grab information. Pandora supports all standard OS (Linux, AIX, HP-UX, Solaris and Windows XP,2000/2003), and support multiple setups in HA enviroments.
|
||||||
|