Open-AudIT

On the index.php page, if you checked in the Admin-Config page both

Show Detected Servers on homepage
Show Terminal Servers and Remote Desktops on homepage

the detected servers and TS/RDP sections don't show the "Nmap discovered on Other equipment" section. To fix it, modify the following queries (index.php SVN rev. 826):

LOC 492 ("WEB Servers Detected/Nmap discovered on other equipment" Section)
[code]
$sql = "select oth.other_id, oth.other_ip_address, oth.other_network_name, oth.other_mac_address, port.nmap_port_number from other oth, nmap_ports port where (port.nmap_port_number = '80' OR port.nmap_port_number = '443') AND (port.nmap_other_id = oth.other_mac_address OR port.nmap_other_id = oth.other_id)";
[/code]
LOC 635 ("FTP Servers Detected/Nmap discovered on other equipment" Section)
[code]
$sql = "select oth.other_id, oth.other_ip_address, oth.other_network_name, oth.other_mac_address, port.nmap_port_number from other oth, nmap_ports port where port.nmap_port_number = '21' AND (port.nmap_other_id = oth.other_mac_address OR port.nmap_other_id = oth.other_id)";
[/code]
LOC 779 ("Telnet Servers Detected/Nmap discovered on other equipment" Section)
[code]
$sql = "select oth.other_id, oth.other_ip_address, oth.other_network_name, oth.other_mac_address, port.nmap_port_number from other oth, nmap_ports port where port.nmap_port_number = '23' AND port.nmap_other_id = oth.other_id";
[/code]
LOC 925 ("Email Servers Detected/Nmap discovered on other equipment" Section)
[code]
$sql = "select oth.other_id, oth.other_ip_address, oth.other_network_name, oth.other_mac_address, port.nmap_port_number from other oth, nmap_ports port where port.nmap_port_number = '25' AND (port.nmap_other_id = oth.other_mac_address OR port.nmap_other_id = oth.other_id)";
[/code]
LOC 1065 ("VNC Servers Detected/Nmap discovered on other equipment" Section)
[code]
$sql = "select oth.other_id, oth.other_ip_address, oth.other_network_name, oth.other_mac_address, port.nmap_port_number from other oth, nmap_ports port where port.nmap_port_number = '5900' AND (port.nmap_other_id = oth.other_mac_address OR port.nmap_other_id = oth.other_id)";
[/code]
LOC 1210 ("Terminal Services Servers Detected/Nmap discovered on other equipment" Section)
[code]
$sql = "select oth.other_id, oth.other_ip_address, oth.other_network_name, oth.other_mac_address, port.nmap_port_number from other oth, nmap_ports port where port.nmap_port_number = '3389' AND (port.nmap_other_id = oth.other_mac_address OR port.nmap_other_id = oth.other_id)";
[/code]
A lot of hosts (switches, printers, remote management boards and so on, listed from the OA "Other" table) will expose their discovered network services (if you "nmapped" your network...).

Also, modify LOC 661 as follows (otherwise FTP servers section doesn't show Hostnames for "Nmap discovered on other equipment" sub-section):
[code]
<td ><a href=\"system.php?other=" . $myrow["other_id"] . "&amp;view=other_system\">" . $myrow["other_network_name"] . "</a>&nbsp;&nbsp;&nbsp;</td>
[/code]

Could you post your copy of index.php, 'cos it would save me making any mistakes with that lot.

_________________
Andrew

[size=85]OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory[/size]

Even better would be an svn diff. I'm not completely good on this but, if you do something like: "svn diff > output.patch" and then upload the patch, we can apply it against current svn. Would be more efficient

Sorry for the delay.
Attached are my working copy of index.php and a TortoiseSVN patch (not tested) related to the SVN rev. 829 version of the same file. Hope it helps.

Edoardo

So, there are a few issues I see relating to the line break sequences used by Unix and Dos. That is why your patch is so huge. I changed an svn property on the index.php file which should cause the file to be downloaded with DOS line breaks on DOS systems, and Unix on Unix. Please test that this works (using a hex editor, look for the hex characters 0D 0A if on windows, and 0A if on unix). If this works, I'll set the property on the rest of the repository, and then we shouldn't have issues with differing line breaks.

I have included a new patch file with only your changes and none of the line break issues. The patch was of course generated on linux, so who knows how it would work if applied on a windows system

Oh, and the property is svn:eol-style which I set to native.

Mikeyrb, your patch, applied to index.php SVN ver. 831, worked fine for my Windows system using TortoiseSVN. But sorry, I made 2 mistakes in my previously attached index.php:
- I added a double 493 line, so line numbers were translated of one (as you can see in my first post);
- I forgot to modify the Telnet servers query (line 778).
Attached is my working index.php, modified again from your SVN ver 831.
Sorry again for your waste time.

Edoardo

Replaced SVN version with yours after reviewing it. Thanks. Try it now. SVN Ver 832
That is SOOOO much better! It now shows all of the VNC servers on my thin clients, and SMTP on one of the photocopiers, I didn't even know it could email....

_________________
Andrew

[size=85]OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory[/size]

The only additional suggestion is that we add in the ability to connect to these ports and services from telnet, VNC, RDP http https or whatever (whichever is appropriate) by clicking on the port number as a link on the page. (With ALT text to say connect to this service perhaps). See the IIS and FTP links for an example of what I am talking about.

_________________
Andrew

[size=85]OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory[/size]

What about us Linux users ?!?!?!
I may have to manage Windows boxes (actually that should be past tense), but I only use Linux on my desktop.

I suppose we could have a web page link for VNC and FTP, HTTP & HTTPS.
There should be a Linux utility for Wake-On-Lan - we could have the server run that.
We could 'take it to the next level' and have an embedded (Java) client for telnet/ssh, so that runs 'from the web page'.
There will always be some Windows specific stuff, like MMC & IIS Admin.
I wonder if there is a Java client for RDP that we could embed ?

I think I just opened my mouth, when I should have kept it firmly shut !!!

_________________
Support and Development hours available from [url=https://opmantek.com]Opmantek[/url].
Please consider a purchase to help make Open-AudIT better for everyone.

I believe WOL is already handled by the server. Manly vnc servers include java applets, so perhaps a link to that would work. I just played with tsclient, and it save's *.rdp type files -- maybe compatible with windows?? The rdp files default to opening with gedit, so it would require extra effort to open that automatically.

Embedded java may be difficult:

[quote="[url=http://java.sun.com/sfaq/]Java Applet Security[/url]"]What are applets prevented from doing?

In general, applets loaded over the net are prevented from reading and writing files on the client file system, and from making network connections except to the originating host.

In addition, applets loaded over the net are prevented from starting other programs on the client. Applets loaded over the net are also not allowed to load libraries, or to define native method calls. If an applet could define native method calls, that would give the applet direct access to the underlying computer.

There are other specific capabilities denied to applets loaded over the net, but most of the applet security policy is described by those two paragraphs above. Read on for the gory details.

Thank you, Andrew, it's fixed now.
[quote]
That is SOOOO much better! It now shows all of the VNC servers on my thin clients, and SMTP on one of the photocopiers, I didn't even know it could email....

_________________
Edoardo

I like the idea, but have been unable to spend much time coding recently. (That which I have managed was mainly bug fixing and Inkskape stuff).

Things look fairly busy for the next couple of weeks... Several large projects on the go Why is life never simple.

How did you get on with the idea of using a temporary table to link together the info you require?

Perhaps Mark might also like to throw in his tuppence worth at this point. (See previous post).

_________________
Andrew

[size=85]OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory[/size]