Open-AudIT

What's on your network?
It is currently Thu Oct 18, 2018 9:20 pm

All times are UTC + 10 hours




Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 31 posts ]  Go to page 1, 2, 3  Next
Author Message
PostPosted: Wed Dec 05, 2007 8:17 pm 
Offline
Open-AudIT Fellow

Joined: Thu May 17, 2007 5:47 pm
Posts: 568
Location: Italy
As discussed many times, OA currently reports only one TCP/IP enabled NIC and only one IP address. I have many multihomed machines (either with dual-quad nic or with multiple ip addresses) like NLB hosts or cluster nodes and I need to inventory the real situation. After some testing (also regarding what discussed with jpmorgan to optimize the network_card table for dynamic values, see viewtopic.php?f=10&t=2500&start=0&st=0&sk=t&sd=a), I added the ability to inventory and report:
- all NICs (either TCP/IP enabled or not, I need NICs in stealth mode like snort/ethereal interfaces to be listed too)
- up to 3 IP addresses, subnet masks, dns servers and gateways per NIC (they should be enough)
- some more NIC properties (connection ID, fixed manufacturer, service name, connectivity status, link speed, IP enabled/LMHosts Lookup/NBT status, DHCP lease dates)
I inventoried also connection-specific suffix, connection metric and up to 3 dns suffixes and gateways metrics, but I didn't show them in viewdefs, to avoid too much long listing. To add these features (starting from SVN rev 909):
- modify upgrade.php (add at line 123)
Code:
$sql = "ALTER TABLE `network_card` ADD COLUMN `net_ip_enabled` varchar(10) NOT NULL default '' AFTER `net_uuid`,
                                   ADD COLUMN `net_index` varchar(10) NOT NULL default '' AFTER `net_ip_enabled`,
                                   ADD COLUMN `net_service_name` varchar(30) NOT NULL default '' AFTER `net_index`,
                                   ADD COLUMN `net_dhcp_lease_obtained` varchar(14) NOT NULL default '' AFTER `net_dhcp_server`,
                                   ADD COLUMN `net_dhcp_lease_expires` varchar(14) NOT NULL default '' AFTER `net_dhcp_lease_obtained`,
                                   ADD COLUMN `net_dns_server_3` varchar(30) NOT NULL default '' AFTER `net_dns_server_2`,
                                   ADD COLUMN `net_dns_domain` varchar(100) NOT NULL default '' AFTER `net_dns_server_3`,
                                   ADD COLUMN `net_dns_domain_suffix` varchar(100) NOT NULL default '' AFTER `net_dns_domain`,
                                   ADD COLUMN `net_dns_domain_suffix_2` varchar(100) NOT NULL default '' AFTER `net_dns_domain_suffix`,
                                   ADD COLUMN `net_dns_domain_suffix_3` varchar(100) NOT NULL default '' AFTER `net_dns_domain_suffix_2`,
                                   ADD COLUMN `net_dns_domain_reg_enabled` varchar(10) NOT NULL default '' AFTER `net_dns_domain_suffix_3`,
                                   ADD COLUMN `net_dns_domain_full_reg_enabled` varchar(10) NOT NULL default '' AFTER `net_dns_domain_reg_enabled`,
                                   ADD COLUMN `net_ip_address_2` varchar(30) NOT NULL default '' AFTER `net_ip_subnet`,
                                   ADD COLUMN `net_ip_subnet_2` varchar(30) NOT NULL default '' AFTER `net_ip_address_2`,
                                   ADD COLUMN `net_ip_address_3` varchar(30) NOT NULL default '' AFTER `net_ip_subnet_2`,
                                   ADD COLUMN `net_ip_subnet_3` varchar(30) NOT NULL default '' AFTER `net_ip_address_3`,
                                   ADD COLUMN `net_wins_lmhosts_enabled` varchar(10) NOT NULL default '' AFTER `net_wins_secondary`,
                                   ADD COLUMN `net_netbios_options` varchar(10) NOT NULL default '' AFTER `net_wins_lmhosts_enabled`,
                                   ADD COLUMN `net_connection_id` varchar(255) NOT NULL default '' AFTER `net_manufacturer`,
                                   ADD COLUMN `net_connection_status` varchar(30) NOT NULL default '' AFTER `net_connection_id`,
                                   ADD COLUMN `net_speed` varchar(10) NOT NULL default '' AFTER `net_connection_status`,
                                   ADD COLUMN `net_gateway_metric` varchar(10) NOT NULL default '' AFTER `net_gateway`,
                                   ADD COLUMN `net_gateway_2` varchar(100) NOT NULL default '' AFTER `net_gateway_metric`,
                                   ADD COLUMN `net_gateway_metric_2` varchar(10) NOT NULL default '' AFTER `net_gateway_2`,
                                   ADD COLUMN `net_gateway_3` varchar(100) NOT NULL default '' AFTER `net_gateway_metric_2`,
                                   ADD COLUMN `net_gateway_metric_3` varchar(10) NOT NULL default '' AFTER `net_gateway_3`,
                                   ADD COLUMN `net_ip_metric` varchar(10) NOT NULL default '' AFTER `net_gateway_metric_3`;";

upgrade ($version,"07.12.09", $sql);



- modify open_audit.sql for new installations (lines 424-448)
Code:
DROP TABLE IF EXISTS `network_card`;
CREATE TABLE `network_card` (
  `net_id` int(10) unsigned NOT NULL auto_increment,
  `net_mac_address` varchar(17) NOT NULL default '',
  `net_uuid` varchar(100) NOT NULL default '',
  `net_ip_enabled` varchar(10) NOT NULL default '',
  `net_index` varchar(10) NOT NULL default '',
  `net_service_name` varchar(30) NOT NULL default '',
  `net_description` varchar(255) NOT NULL default '',
  `net_dhcp_enabled` varchar(100) NOT NULL default '',
  `net_dhcp_server` varchar(30) NOT NULL default '',
  `net_dhcp_lease_obtained` varchar(14) NOT NULL default '',
  `net_dhcp_lease_expires` varchar(14) NOT NULL default '',
  `net_dns_host_name` varchar(100) NOT NULL default '',
  `net_dns_server` varchar(30) NOT NULL default '',
  `net_dns_server_2` varchar(30) NOT NULL default '',
  `net_dns_server_3` varchar(30) NOT NULL default '',
  `net_dns_domain` varchar(100) NOT NULL default '',
  `net_dns_domain_suffix` varchar(100) NOT NULL default '',
  `net_dns_domain_suffix_2` varchar(100) NOT NULL default '',
  `net_dns_domain_suffix_3` varchar(100) NOT NULL default '',
  `net_dns_domain_reg_enabled` varchar(10) NOT NULL default '',
  `net_dns_domain_full_reg_enabled` varchar(10) NOT NULL default '',
  `net_ip_address` varchar(30) NOT NULL default '',
  `net_ip_subnet` varchar(30) NOT NULL default '',
  `net_ip_address_2` varchar(30) NOT NULL default '',
  `net_ip_subnet_2` varchar(30) NOT NULL default '',
  `net_ip_address_3` varchar(30) NOT NULL default '',
  `net_ip_subnet_3` varchar(30) NOT NULL default '',
  `net_wins_primary` varchar(30) NOT NULL default '',
  `net_wins_secondary` varchar(30) NOT NULL default '',
  `net_wins_lmhosts_enabled` varchar(10) NOT NULL default '',
  `net_netbios_options` varchar(10) NOT NULL default '',
  `net_adapter_type` varchar(100) NOT NULL default '',
  `net_manufacturer` varchar(100) NOT NULL default '',
  `net_connection_id` varchar(255) NOT NULL default '',
  `net_connection_status` varchar(30) NOT NULL default '',
  `net_speed` varchar(10) NOT NULL default '',
  `net_gateway` varchar(100) NOT NULL default '',
  `net_gateway_metric` varchar(10) NOT NULL default '',
  `net_gateway_2` varchar(100) NOT NULL default '',
  `net_gateway_metric_2` varchar(10) NOT NULL default '',
  `net_gateway_3` varchar(100) NOT NULL default '',
  `net_gateway_metric_3` varchar(10) NOT NULL default '',
  `net_ip_metric` varchar(10) NOT NULL default '',
  `net_timestamp` bigint(20) unsigned NOT NULL default '0',
  `net_first_timestamp` bigint(20) unsigned NOT NULL default '0',
  PRIMARY KEY  (`net_id`),
  KEY `id` (`net_mac_address`),
  KEY `id2` (`net_timestamp`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;



- still modify open_audit.sql to fix an existing bug (redundant closing parenthesis) in the scan tables creation (lines 569-610)
Code:
DROP TABLE IF EXISTS `scan_type`;
CREATE TABLE `scan_type` (
  `scan_type_id` int  NOT NULL AUTO_INCREMENT,
  `scan_type_uuid` varchar(100)  NOT NULL,
  `scan_type_ip_address` varchar(16)  NOT NULL,
  `scan_type` varchar(10)  NOT NULL,
  `scan_type_detail` VARCHAR(100)  NOT NULL,
  `scan_type_frequency` TINYINT  NOT NULL,
  PRIMARY KEY(`scan_type_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

DROP TABLE IF EXISTS `scan_log`;
CREATE TABLE `scan_log` (
  `scan_log_id` int  NOT NULL AUTO_INCREMENT,
  `scan_log_uuid` varchar(100)  NOT NULL,
  `scan_log_ip_address` varchar(16)  NOT NULL,
  `scan_log_type` varchar(10)  NOT NULL,
  `scan_log_detail` VARCHAR(100)  NOT NULL,
  `scan_log_frequency` TINYINT  NOT NULL,
  `scan_log_date_time` datetime  NOT NULL,
  `scan_log_result` varchar(20)  NOT NULL,
  `scan_log_success` varchar(2)  NOT NULL,
  PRIMARY KEY(`scan_log_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;

DROP TABLE IF EXISTS `scan_latest`;
CREATE TABLE `scan_latest` (
  `scan_latest_id` int  NOT NULL AUTO_INCREMENT,
  `scan_latest_uuid` varchar(100)  NOT NULL,
  `scan_latest_ip_address` varchar(16)  NOT NULL,
  `scan_latest_type` varchar(10)  NOT NULL,
  `scan_latest_detail` VARCHAR(100)  NOT NULL,
  `scan_latest_frequency` TINYINT  NOT NULL,
  `scan_latest_date_time` datetime  NOT NULL,
  `scan_latest_result` varchar(20)  NOT NULL,
  `scan_latest_success` varchar(2)  NOT NULL,
  PRIMARY KEY(`scan_latest_id`)
) ENGINE=MyISAM DEFAULT CHARSET=latin1;



- modify index.php (line 24)
Code:
$latest_version = "07.12.09";

- modify audit.vbs (Network Information section, lines 447-516)
Code:
'''''''''''''''''''''''''''
'   Network Information   '
'''''''''''''''''''''''''''

dim net_mac, net_ip_enabled, net_index, net_service_name, net_description, net_dhcp_enabled, net_dhcp_server
dim net_dhcp_lease_obtained, net_dhcp_lease_expires, net_dns_host_name, net_dns_server(2), net_dns_domain
dim net_dns_domain_suffix(2), net_dns_domain_reg_enabled, net_dns_domain_full_reg_enabled, net_ip(2)
dim net_ip_subnet(2), net_wins_primary, net_wins_secondary, net_wins_lmhosts_enabled, net_netbios_options
dim net_adapter_type, net_manufacturer, net_connection_id, net_connection_status, net_speed, net_gateway(2)
dim net_gateway_metric(2), net_ip_metric, net_ip_address, net_ip_mask, is_installed

comment = "Network Info"
if verbose = "y" then
  wscript.echo comment
end if
On Error Resume Next

Set objWMIService_WMI = GetObject("winmgmts:\\" & strComputer & "\root\WMI")
Set colItems = objWMIService.ExecQuery("Select * from Win32_NetworkAdapterConfiguration " _
   & "WHERE ServiceName<>'' AND ServiceName<>'AsyncMac' " _
   & "AND ServiceName<>'VMnetx' AND ServiceName<>'VMnetadapter' " _
   & "AND ServiceName<>'Rasl2tp' AND ServiceName<>'msloop' " _
   & "AND ServiceName<>'PptpMiniport' AND ServiceName<>'Raspti' " _
   & "AND ServiceName<>'NDISWan' AND ServiceName<>'NdisWan4' AND ServiceName<>'RasPppoe' " _
   & "AND ServiceName<>'NdisIP' AND Description<>'PPP Adapter.'",,48)
For Each objItem in colItems
   net_index = objItem.Index
   net_description = objItem.Description
   is_installed = "false"
   Set colItems2 = objWMIService.ExecQuery("Select * from Win32_NetworkAdapter WHERE Index='" & net_index & "'",,48)
   For Each objItem2 in colItems2
      if (not isnull(objItem2.Manufacturer) or objItem2.Manufacturer <> "") then
        ' Found a  currently installed NIC
        is_installed = "true"
        net_manufacturer = objItem2.Manufacturer
        net_adapter_type = objItem2.AdapterType
        net_connection_id = objItem2.NetConnectionId
        net_connection_status = objItem2.NetConnectionStatus
        if net_connection_status = "2" then
          ' Found a connected NIC: detecting link speed
          Set colItems3 = objWMIService_WMI.ExecQuery("Select * from MSNdis_LinkSpeed ",,48)
          For Each objItem3 in colItems3
            if objItem3.InstanceName = net_description then net_speed = objItem3.NdisLinkSpeed  end if
          Next
        end if
      end if
   Next
   if is_installed = "true" then
     net_mac = objItem.MACAddress
     net_ip_enabled = objItem.IPEnabled
     net_service_name = objItem.ServiceName
     net_dhcp_enabled = objItem.DHCPEnabled
     net_dhcp_server = objItem.DHCPServer
     net_dhcp_lease_obtained = objItem.DHCPLeaseObtained
     net_dhcp_lease_expires = objItem.DHCPLeaseExpires
     net_dns_host_name = objItem.DNSHostName
     For i = LBound(objItem.DNSServerSearchOrder) to UBound(objItem.DNSServerSearchOrder)
        if i > 2 then exit for End if
        net_dns_server(i) = objItem.DNSServerSearchOrder(i)
     Next
     net_dns_domain = objItem.DNSDomain
     For i = LBound(objItem.DNSDomainSuffixSearchOrder) to UBound(objItem.DNSDomainSuffixSearchOrder)
        if i > 2 then exit for End if
        net_dns_domain_suffix(i) = objItem.DNSDomainSuffixSearchOrder(i)
     Next
     net_dns_domain_reg_enabled = objItem.DomainDNSRegistrationEnabled
     net_dns_domain_full_reg_enabled = objItem.FullDNSRegistrationEnabled
     For i = LBound(objItem.IPAddress) to UBound(objItem.IPAddress)
        if i > 2 then exit for End if
        net_ip(i) = objItem.IPAddress(i)
     Next
     For i = LBound(objItem.IPSubnet) to UBound(objItem.IPSubnet)
        if i > 2 then exit for End if
        net_ip_subnet(i) = objItem.IPSubnet(i)
     Next
     net_wins_primary = objItem.WINSPrimaryServer
     net_wins_secondary = objItem.WINSSecondaryServer
     net_wins_secondary = objItem.WINSSecondaryServer
     net_wins_lmhosts_enabled = objItem.WINSEnableLMHostsLookup
     net_netbios_options = objItem.TcpipNetbiosOptions
     For i = LBound(objItem.DefaultIPGateway) to UBound(objItem.DefaultIPGateway)
        if i > 2 then exit for End if
        net_gateway(i) = objItem.DefaultIPGateway(i)
     Next
     For i = LBound(objItem.GatewayCostMetric) to UBound(objItem.GatewayCostMetric)
        if i > 2 then exit for End if
        net_gateway_metric(i) = objItem.GatewayCostMetric(i)
     Next
     net_ip_metric = objItem.IpConnectionMetric
     
     ' Below is to account for a NULL in various items or converting values
     if (isnull(net_mac) or net_mac = "") then net_mac = "unknown" End if
     if (isnull(net_ip_enabled) or net_ip_enabled = "") then net_ip_enabled = "unknown" End if
     if (isnull(net_description) or net_description = "") then net_description = "unknown" End if
     if (isnull(net_dhcp_enabled) or net_dhcp_enabled = "") then net_dhcp_enabled = "false" End if
     if (isnull(net_dhcp_server) or net_dhcp_server = "") then net_dhcp_server = "none" End if
     if isnull(net_dhcp_lease_obtained) then net_dhcp_lease_obtained = "" End if
     if isnull(net_dhcp_lease_expires) then net_dhcp_lease_expires = "" End if
     if (isnull(net_dns_host_name) or net_dns_host_name = "") then net_dns_host_name = "none" End if
     if (isnull(net_dns_domain) or net_dns_domain = "") then net_dns_domain = "none" End if
     if (isnull(net_dns_domain_reg_enabled) or net_dns_domain_reg_enabled = "") then net_dns_domain_reg_enabled = "false" End if
     if (isnull(net_dns_domain_full_reg_enabled) or net_dns_domain_full_reg_enabled = "") then net_dns_domain_full_reg_enabled = "false" End if
     if (isnull(net_wins_primary) or net_wins_primary = "") then net_wins_primary = "none" End if
     if (isnull(net_wins_secondary) or net_wins_secondary = "") then net_wins_secondary = "none" End if
     if (isnull(net_wins_lmhosts_enabled) or net_wins_lmhosts_enabled = "") then net_wins_lmhosts_enabled = "false"  End if
     Select Case net_netbios_options
        Case "0" net_netbios_options = "defaults"
        Case "1" net_netbios_options = "enabled"
        Case "2" net_netbios_options = "disabled"
        Case Else net_netbios_options = "unknown"
     End Select
     if (isnull(net_adapter_type) or net_adapter_type = "") then net_adapter_type = "unknown" End if
     if (isnull(net_connection_id) or net_connection_id = "") then net_connection_id = "unknown" End if
     Select Case net_connection_status
        Case "0"  net_connection_status = "Disconnected"
        Case "1"  net_connection_status = "Connecting"
        Case "2"  net_connection_status = "Connected"
        Case "3"  net_connection_status = "Disconnecting"
        Case "4"  net_connection_status = "Hardware not present"
        Case "5"  net_connection_status = "Hardware disabled"
        Case "6"  net_connection_status = "Hardware malfunction"
        Case "7"  net_connection_status = "Media disconnected"
        Case "8"  net_connection_status = "Authenticating"
        Case "9"  net_connection_status = "Authentication succeeded"
        Case "10" net_connection_status = "Authentication failed"
        Case "11" net_connection_status = "Invalid address"
        Case "12" net_connection_status = "Credentials required"
        Case Else net_connection_status = "unknown"
     End Select
     if (isnull(net_speed) or net_speed = "") then
       net_speed = "unknown"
     else  net_speed = int(net_speed)/10000 End if
     if (isnull(net_ip_metric) or net_ip_metric = "") then net_ip_metric = "unknown" End if
     For i = 0 to 2
        if (isnull(net_dns_server(i)) or net_dns_server(i) = "") then net_dns_server(i) = "none" End if
        if (isnull(net_dns_domain_suffix(i)) or net_dns_domain_suffix(i) = "") then net_dns_domain_suffix(i) = "none" End if
        if (isnull(net_ip(i)) or net_ip(i) = "") then net_ip(i) = "0.0.0.0" End if
        if (isnull(net_ip_subnet(i)) or net_ip_subnet(i) = "") then net_ip_subnet(i) = "none" End if
        if (isnull(net_gateway(i)) or net_gateway(i) = "") then net_gateway(i) = "none" End if
        if (isnull(net_gateway_metric(i)) or net_gateway_metric(i) = "") then net_gateway_metric(i) = "none" End if
     Next

     ' IP Address are padded with zeros so they sort properly
     MyIP = Split(net_ip(0), ".", -1, 1)
     if MyIP(0) <> "169" AND MyIP(1) <> "254" then
       MyIP(0) = right("000" & MyIP(0),3)
       MyIP(1) = right("000" & MyIP(1),3)
       MyIP(2) = right("000" & MyIP(2),3)
       MyIP(3) = right("000" & MyIP(3),3)
       net_ip(0) = MyIP(0) & "." & MyIP(1) & "." & MyIP(2) & "." & MyIP(3)
       ' The first detected IP address / Subnet mask become the system IP/Mask
       if (net_ip(0) <> "000.000.000.000" and net_ip_address = "") then
         net_ip_address = net_ip(0)
         net_ip_mask = net_ip_subnet(0)
       elseif net_ip(0) = "000.000.000.000" then net_ip(0) = "none" end if
     end if
     MyIP = Split(net_ip(1), ".", -1, 1)
     if MyIP(0) <> "169" AND MyIP(1) <> "254" then
       MyIP(0) = right("000" & MyIP(0),3)
       MyIP(1) = right("000" & MyIP(1),3)
       MyIP(2) = right("000" & MyIP(2),3)
       MyIP(3) = right("000" & MyIP(3),3)
       net_ip(1) = MyIP(0) & "." & MyIP(1) & "." & MyIP(2) & "." & MyIP(3)
       if net_ip(1) = "000.000.000.000" then net_ip(1) = "none" end if
     end if
     MyIP = Split(net_ip(2), ".", -1, 1)
     if MyIP(0) <> "169" AND MyIP(1) <> "254" then
       MyIP(0) = right("000" & MyIP(0),3)
       MyIP(1) = right("000" & MyIP(1),3)
       MyIP(2) = right("000" & MyIP(2),3)
       MyIP(3) = right("000" & MyIP(3),3)
       net_ip(2) = MyIP(0) & "." & MyIP(1) & "." & MyIP(2) & "." & MyIP(3)
       if net_ip(2) = "000.000.000.000" then net_ip(2) = "none" end if
     end if

     if net_dhcp_server <> "255.255.255.255" then
       form_input = "network^^^" & net_mac                    & "^^^" & net_description                 & "^^^" & net_dhcp_enabled         & "^^^" _
                                 & net_dhcp_server            & "^^^" & net_dns_host_name               & "^^^" & net_dns_server(0)        & "^^^" _
                                 & net_dns_server(1)          & "^^^" & net_ip(0)                       & "^^^" & net_ip_subnet(0)         & "^^^" _
                                 & net_wins_primary           & "^^^" & net_wins_secondary              & "^^^" & net_adapter_type         & "^^^" _
                                 & net_manufacturer           & "^^^" & net_gateway(0)                  & "^^^" & net_ip_enabled              & "^^^" _
                                 & net_index                  & "^^^" & net_service_name                & "^^^" & net_dhcp_lease_obtained  & "^^^" _
                                 & net_dhcp_lease_expires     & "^^^" & net_dns_server(2)               & "^^^" & net_dns_domain           & "^^^" _
                                 & net_dns_domain_suffix(0)   & "^^^" & net_dns_domain_suffix(1)        & "^^^" & net_dns_domain_suffix(2) & "^^^" _
                                 & net_dns_domain_reg_enabled & "^^^" & net_dns_domain_full_reg_enabled & "^^^" & net_ip(1)                & "^^^" _
                                 & net_ip_subnet(1)           & "^^^" & net_ip(2)                       & "^^^" & net_ip_subnet(2)         & "^^^" _
                                 & net_wins_lmhosts_enabled   & "^^^" & net_netbios_options             & "^^^" & net_gateway_metric(0)    & "^^^" _   
                                 & net_gateway(1)             & "^^^" & net_gateway_metric(1)           & "^^^" & net_gateway(2)           & "^^^" _
                                 & net_gateway_metric(2)      & "^^^" & net_ip_metric                   & "^^^" & net_connection_id        & "^^^" _ 
                                 & net_connection_status      & "^^^" & net_speed                       & "^^^"   
       entry form_input,comment,objTextFile,oAdd,oComment
       form_input = ""
       erase net_dns_server
       erase net_dns_domain_suffix
       erase net_ip
       erase net_ip_subnet
       erase net_gateway
       erase net_gateway_metric
       ' The first valid MAC Address becomes the MAC_UUID
       if (net_mac <> "unknown" and net_mac_uuid = "") then net_mac_uuid = net_mac end if
     end if
   end if 'is_installed = "true"
Next



- still modify audit.vbs (previous line 724)
Code:
    oIE.document.WriteLn "<tr><td>Subnet: </td><td>" & net_ip_mask & "</td></tr>"


- replace the function "insert_network" in admin_pc_add_2.php and admin_pc_add_dir.php
Code:
function insert_network ($split) {
    global $timestamp, $uuid, $verbose, $net_timestamp;
    $extended = explode('^^^',$split);
    if ($verbose == "y"){echo "<h2>Network</h2><br />";}
    $net_mac_address = trim($extended[1]);
    $net_description = trim($extended[2]);
    $net_dhcp_enabled = trim($extended[3]);
    $net_dhcp_server = trim($extended[4]);
    $net_dns_host_name = trim($extended[5]);
    $net_dns_server = trim($extended[6]);
    $net_dns_server_2 = trim($extended[7]);
    $net_ip_address = trim($extended[8]);
    $net_ip_subnet = trim($extended[9]);
    $net_wins_primary = trim($extended[10]);
    $net_wins_secondary = trim($extended[11]);
    $net_adapter_type = trim($extended[12]);
    $net_manufacturer = trim($extended[13]);
    $net_gateway = trim($extended[14]);
    $net_ip_enabled = trim($extended[15]);
    $net_index = trim($extended[16]);
    $net_service_name = trim($extended[17]);
    $net_dhcp_lease_obtained = trim($extended[18]);
    $net_dhcp_lease_expires = trim($extended[19]);
    $net_dns_server_3 = trim($extended[20]);
    $net_dns_domain = trim($extended[21]);
    $net_dns_domain_suffix = trim($extended[22]);
    $net_dns_domain_suffix_2 = trim($extended[23]);
    $net_dns_domain_suffix_3 = trim($extended[24]);
    $net_dns_domain_reg_enabled = trim($extended[25]);
    $net_dns_domain_full_reg_enabled = trim($extended[26]);
    $net_ip_address_2 = trim($extended[27]);
    $net_ip_subnet_2 = trim($extended[28]);
    $net_ip_address_3 = trim($extended[29]);
    $net_ip_subnet_3 = trim($extended[30]);
    $net_wins_lmhosts_enabled = trim($extended[31]);
    $net_netbios_options = trim($extended[32]);
    $net_gateway_metric = trim($extended[33]);
    $net_gateway_2 = trim($extended[34]);
    $net_gateway_metric_2 = trim($extended[35]);
    $net_gateway_3 = trim($extended[36]);
    $net_gateway_metric_3 = trim($extended[37]);
    $net_ip_metric = trim($extended[38]);
    $net_connection_id = trim($extended[39]);
    $net_connection_status = trim($extended[40]);
    $net_speed = trim($extended[41]);

    if (is_null($net_timestamp)) {
      $sql  = "SELECT MAX(net_timestamp) FROM network_card WHERE net_uuid = '$uuid'";
      if ($verbose == "y"){echo $sql . "<br />\n\n";}
      $result = mysql_query($sql) or die ('Insert Failed: ' . mysql_error() . '<br />' . $sql);
      $myrow = mysql_fetch_array($result);
      if ($myrow["MAX(net_timestamp)"]) {$net_timestamp = $myrow["MAX(net_timestamp)"];} else {$net_timestamp = "";}
    } else {}
    $sql  = "SELECT count(net_uuid) as count from network_card ";
    $sql .= "WHERE net_mac_address = '$net_mac_address' AND net_uuid = '$uuid' AND net_description = '$net_description' ";
    $sql .= "AND net_dhcp_enabled = '$net_dhcp_enabled' AND net_dns_host_name = '$net_dns_host_name' AND net_adapter_type = '$net_adapter_type' ";
    $sql .= "AND net_manufacturer = '$net_manufacturer' AND net_ip_enabled = '$net_ip_enabled' AND net_index = '$net_index' ";
    $sql .= "AND net_service_name = '$net_service_name' AND net_connection_id = '$net_connection_id' ";
    $sql .= "AND (net_timestamp = '$net_timestamp' OR net_timestamp = '$timestamp')";
    if ($verbose == "y"){echo $sql . "<br />\n\n";}
    $result = mysql_query($sql) or die ('Insert Failed: ' . mysql_error() . '<br />' . $sql);
    $myrow = mysql_fetch_array($result);
    if ($verbose == "y"){echo "Count: " . $myrow['count'] . "<br />\n\n";}
    if ($myrow['count'] == "0"){
      // New NIC or DHCP or TCP/IP status changed - Insert into database
      $sql  = "INSERT INTO network_card (";
      $sql .= "net_mac_address, net_uuid, net_ip_enabled, net_index, net_service_name, net_description, net_dhcp_enabled, net_dhcp_server, ";
      $sql .= "net_dhcp_lease_obtained, net_dhcp_lease_expires, net_dns_host_name, net_dns_server, net_dns_server_2, net_dns_server_3, ";
      $sql .= "net_dns_domain, net_dns_domain_suffix, net_dns_domain_suffix_2, net_dns_domain_suffix_3, net_dns_domain_reg_enabled, ";
      $sql .= "net_dns_domain_full_reg_enabled, net_ip_address, net_ip_subnet, net_ip_address_2, net_ip_subnet_2, net_ip_address_3, ";
      $sql .= "net_ip_subnet_3, net_wins_primary, net_wins_secondary, net_wins_lmhosts_enabled, net_netbios_options, net_adapter_type, ";
      $sql .= "net_manufacturer, net_connection_id, net_connection_status, net_speed, net_gateway, net_gateway_metric, net_gateway_2, ";
      $sql .= "net_gateway_metric_2, net_gateway_3, net_gateway_metric_3, net_ip_metric, net_timestamp, net_first_timestamp) VALUES (";
      $sql .= "'$net_mac_address', '$uuid', '$net_ip_enabled', '$net_index', '$net_service_name', '$net_description', '$net_dhcp_enabled', '$net_dhcp_server', ";
      $sql .= "'$net_dhcp_lease_obtained', '$net_dhcp_lease_expires', '$net_dns_host_name', '$net_dns_server', '$net_dns_server_2', '$net_dns_server_3', ";
      $sql .= "'$net_dns_domain', '$net_dns_domain_suffix', '$net_dns_domain_suffix_2', '$net_dns_domain_suffix_3', '$net_dns_domain_reg_enabled', ";
      $sql .= "'$net_dns_domain_full_reg_enabled', '$net_ip_address', '$net_ip_subnet', '$net_ip_address_2', '$net_ip_subnet_2', '$net_ip_address_3', ";
      $sql .= "'$net_ip_subnet_3', '$net_wins_primary', '$net_wins_secondary', '$net_wins_lmhosts_enabled', '$net_netbios_options', '$net_adapter_type', ";
      $sql .= "'$net_manufacturer', '$net_connection_id', '$net_connection_status', '$net_speed', '$net_gateway', '$net_gateway_metric', '$net_gateway_2', ";
      $sql .= "'$net_gateway_metric_2', '$net_gateway_3', '$net_gateway_metric_3', '$net_ip_metric', '$timestamp', '$timestamp') ";

      if ($verbose == "y"){echo $sql . "<br />\n\n";}
      $result = mysql_query($sql) or die ('Insert Failed: ' . mysql_error() . '<br />' . $sql);
    } else {
      // Already present in database - Update timestamp and dynamic fields
      $sql  = "UPDATE network_card SET ";
      $sql .= "net_timestamp = '$timestamp', net_dhcp_server = '$net_dhcp_server', net_dhcp_lease_obtained = '$net_dhcp_lease_obtained', ";
      $sql .= "net_dhcp_lease_expires = '$net_dhcp_lease_expires', net_dns_server = '$net_dns_server', net_dns_server_2 = '$net_dns_server_2', ";
      $sql .= "net_dns_server_3 = '$net_dns_server_3', net_dns_domain = '$net_dns_domain', net_dns_domain_suffix = '$net_dns_domain_suffix', ";
      $sql .= "net_dns_domain_suffix_2 = '$net_dns_domain_suffix_2', net_dns_domain_suffix_3 = '$net_dns_domain_suffix_3', net_dns_domain_reg_enabled = '$net_dns_domain_reg_enabled', ";
      $sql .= "net_dns_domain_full_reg_enabled = '$net_dns_domain_full_reg_enabled', net_ip_address = '$net_ip_address', net_ip_subnet = '$net_ip_subnet', ";
      $sql .= "net_ip_address_2 = '$net_ip_address_2', net_ip_subnet_2 = '$net_ip_subnet_2', net_ip_address_3 = '$net_ip_address_3', "; 
      $sql .= "net_ip_subnet_3 = '$net_ip_subnet_3', net_wins_primary = '$net_wins_primary', net_wins_secondary = '$net_wins_secondary', ";
      $sql .= "net_wins_lmhosts_enabled = '$net_wins_lmhosts_enabled', net_netbios_options = '$net_netbios_options', net_gateway = '$net_gateway', ";
      $sql .= "net_connection_status = '$net_connection_status', net_speed = '$net_speed', net_gateway_metric = '$net_gateway_metric', net_gateway_2 = '$net_gateway_2', ";
      $sql .= "net_gateway_metric_2 = '$net_gateway_metric_2', net_gateway_3 = '$net_gateway_3', net_gateway_metric_3 = '$net_gateway_metric_3', net_ip_metric = '$net_ip_metric' ";
      $sql .= "WHERE net_mac_address = '$net_mac_address' AND net_uuid = '$uuid' AND net_description = '$net_description' ";
      $sql .= "AND net_dhcp_enabled = '$net_dhcp_enabled' AND net_dns_host_name = '$net_dns_host_name' AND net_adapter_type = '$net_adapter_type' ";
      $sql .= "AND net_manufacturer = '$net_manufacturer' AND net_ip_enabled = '$net_ip_enabled' AND net_index = '$net_index' ";
      $sql .= "AND net_service_name = '$net_service_name' AND net_connection_id = '$net_connection_id' ";
      $sql .= "AND net_timestamp = '$net_timestamp'";
      if ($verbose == "y"){echo $sql . "<br />\n\n";}
      $result = mysql_query($sql) or die ('Insert Failed: ' . mysql_error() . '<br />' . $sql);
    }
   
  // Remove from the 'other' table if exists
  // First - get the id from the 'other' table - if it exists
  $other_id = '';
  $sql = "SELECT other_id FROM other WHERE other_mac_address = '$net_mac_address'";
  if ($verbose == "y"){echo $sql . "<br />\n\n";}
  $result = mysql_query($sql) or die ('Check Other table Failed: ' . mysql_error() . '<br />' . $sql);
  if ($myrow = mysql_fetch_array($result)){$other_id = $myrow['other_id'];}
  if ($other_id <> ''){
    // It exists - so update the 'nmap_ports' table to the uuid/mac of the PC - not the other_id
    $sql = "UPDATE nmap_ports SET nmap_other_id = '$uuid' WHERE nmap_other_id = '$other_id'";
    if ($verbose == "y"){echo $sql . "<br />\n\n";}
    $result = mysql_query($sql) or die ('Update nmap_ports Failed: ' . mysql_error() . '<br />' . $sql);
    // Now remove the entry from the 'other' table
    $sql = "DELETE FROM other WHERE other_mac_address = '$net_mac_address'";
    if ($verbose == "y"){echo $sql . "<br />\n\n";}
    $result = mysql_query($sql) or die ('Update nmap_ports Failed: ' . mysql_error() . '<br />' . $sql);
  }
}



- modify system_viewdef_summary.php (line 9)
Code:
                                                            LEFT JOIN network_card ON (system_uuid=net_uuid AND system_timestamp=net_timestamp AND system.net_ip_address = network_card.net_ip_address)

- replace the "network_card" section in system_viewdef_hardware.php and system_viewdef_report_full.php
Code:
                                   "network_card"=>array(
                                                    "headline"=>__("Network Card"),
                                                    "sql"=>"SELECT * FROM network_card WHERE net_uuid = '" . $_GET["pc"] . "' AND net_timestamp = '".$GLOBAL["system_timestamp"]."' ORDER BY net_index ",
                                                    "image"=>"images/network_device_l.png",
                                                    "fields"=>array("10"=> array("name"=>"net_connection_id", "head"=>__("Connection ID"),),
                                                                    //"20"=> array("name"=>"net_index", "head"=>__("Index"),),
                                                                    "30"=> array("name"=>"net_description", "head"=>__("Description"),),
                                                                    "40"=> array("name"=>"net_manufacturer", "head"=>__("Manufacturer"),),
                                                                    "50"=> array("name"=>"net_service_name", "head"=>__("Service Name"),),
                                                                    "60"=> array("name"=>"net_adapter_type", "head"=>__("Type"),),
                                                                    "70"=> array("name"=>"net_mac_address", "head"=>__("MAC Address"),),
                                                                    "80"=> array("name"=>"net_connection_status", "head"=>__("Connectivity status"),),
                                                                    "90"=> array("name"=>"net_speed", "head"=>__("Link speed"),),
                                                                    "100"=>array("name"=>"net_ip_enabled", "head"=>__("IP Enabled"),),
                                                                    "110"=>array("name"=>"net_ip_address", "head"=>__("IP address"),),
                                                                    "120"=>array("name"=>"net_ip_subnet", "head"=>__("Subnet Mask"),),
                                                                    "130"=>array("name"=>"net_ip_address_2", "head"=>__("IP address 2"),),
                                                                    "140"=>array("name"=>"net_ip_subnet_2", "head"=>__("Subnet Mask 2"),),
                                                                    "150"=>array("name"=>"net_ip_address_3", "head"=>__("IP address 3"),),
                                                                    "160"=>array("name"=>"net_ip_subnet_3", "head"=>__("Subnet Mask 3"),),
                                                                    //"170"=>array("name"=>"net_ip_metric", "head"=>__("Interface metric"),),
                                                                    "180"=>array("name"=>"net_gateway", "head"=>__("Gateway"),),
                                                                    //"190"=>array("name"=>"net_gateway_metric", "head"=>__("Gateway metric"),),
                                                                    "200"=>array("name"=>"net_gateway_2", "head"=>__("Gateway 2"),),
                                                                    //"210"=>array("name"=>"net_gateway_metric_2", "head"=>__("Gateway metric 2"),),
                                                                    "220"=>array("name"=>"net_gateway_3", "head"=>__("Gateway 3"),),
                                                                    //"230"=>array("name"=>"net_gateway_metric_3", "head"=>__("Gateway metric 3"),),
                                                                    "240"=>array("name"=>"net_dns_server", "head"=>__("Preferred DNS"),),
                                                                    "250"=>array("name"=>"net_dns_server_2", "head"=>__("Alternate DNS"),),
                                                                    "260"=>array("name"=>"net_dns_server_3", "head"=>__("Alternate DNS 2"),),
                                                                    //"270"=>array("name"=>"net_dns_domain", "head"=>__("Connection DNS Domain"),),
                                                                    //"280"=>array("name"=>"net_dns_domain_suffix", "head"=>__("Connection DNS Domain suffix"),),
                                                                    //"290"=>array("name"=>"net_dns_domain_suffix_2", "head"=>__("Connection DNS Domain suffix 2"),),
                                                                    //"300"=>array("name"=>"net_dns_domain_suffix_3", "head"=>__("Connection DNS Domain suffix 3"),),
                                                                    //"310"=>array("name"=>"net_dns_domain_reg_enabled", "head"=>__("DNS Domain reg enabled"),),
                                                                    //"320"=>array("name"=>"net_dns_domain_full_reg_enabled", "head"=>__("DNS Domain full reg enabled"),),
                                                                    "330"=>array("name"=>"net_wins_primary", "head"=>__("Primary WINS"),),
                                                                    "340"=>array("name"=>"net_wins_secondary", "head"=>__("Secondary WINS"),),
                                                                    "350"=>array("name"=>"net_wins_lmhosts_enabled", "head"=>__("LMHosts Lookup enabled"),),
                                                                    "360"=>array("name"=>"net_netbios_options", "head"=>__("Netbios over TCP/IP"),),
                                                                    "370"=>array("name"=>"net_dhcp_enabled", "head"=>__("DHCP enabled"),),
                                                                    "380"=>array("name"=>"net_dhcp_server", "head"=>__("DHCP Server"),),
                                                                    "390"=>array("name"=>"net_dhcp_lease_obtained", "head"=>__("DHCP Lease obtained"),),
                                                                    "400"=>array("name"=>"net_dhcp_lease_expires", "head"=>__("DHCP Lease expires"),),
                                                                   ),
                                                    ),


- modify the function "special_field_converting" in include_functions.php (lines 156-158)
Code:
    }elseif($field["name"]=="system_timestamp" OR
            $field["name"]=="net_dhcp_lease_obtained" OR
            $field["name"]=="net_dhcp_lease_expires"){
        $show_value=return_date($myrow[$field["name"]]);
    }elseif($field["name"]=="net_speed"){
        $show_value=number_format($myrow[$field["name"]])." Mbps";
    }elseif($field["name"]=="software_first_timestamp" OR

- replace list_viewdef_systems_for_gateway.php
Code:
<?php
$query_array=array("headline"=>__("List Systems with Gateway"),
                   "sql"=>"SELECT DISTINCT sys.system_uuid, sys.net_ip_address, sys.system_name, net.net_gateway, sys.net_domain, sys.system_os_name, sys.system_service_pack, sys.system_timestamp, sys.system_system_type, sys.system_description
                           FROM system sys, network_card net
                           WHERE net.net_uuid  = sys.system_uuid
                           AND sys.system_timestamp  = net.net_timestamp
                           AND net.net_gateway = '" . $_GET["headline_addition"] . "'  ",
                   "sort"=>"sys.system_name",
                   "dir"=>"ASC",
                   "get"=>array("file"=>"system.php",
                                "title"=>"Go to System",
                                "var"=>array("pc"=>"%system_uuid",
                                             "view"=>"summary",
                                            ),
                               ),
                   "fields"=>array("10"=>array("name"=>"sys.system_uuid",
                                               "head"=>__("UUID"),
                                               "show"=>"n",
                                              ),
                                   "20"=>array("name"=>"sys.net_ip_address",
                                               "head"=>__("IP"),
                                               "show"=>"y",
                                               "link"=>"y",
                                              ),
                                   "30"=>array("name"=>"sys.system_name",
                                               "head"=>__("Hostname"),
                                               "show"=>"y",
                                               "link"=>"y",
                                              ),
                                   "40"=>array("name"=>"net.net_gateway",
                                               "head"=>__("Gateway"),
                                               "show"=>"y",
                                               "link"=>"n",
                                              ),
                                    "50"=>array("name"=>"sys.net_domain",
                                               "head"=>__("Domain"),
                                               "show"=>$show_domain,
                                              ),
                                   "60"=>array("name"=>"sys.system_os_name",
                                               "head"=>__("OS"),
                                               "show"=>$show_os,
                                              ),
                                   "70"=>array("name"=>"sys.system_service_pack",
                                               "head"=>__("Servicepack"),
                                               "show"=>$show_service_pack,
                                              ),
                                   "80"=>array("name"=>"sys.system_timestamp",
                                               "head"=>__("Date Audited"),
                                               "show"=>$show_date_audited,
                                              ),
                                   "90"=>array("name"=>"sys.system_system_type",
                                               "head"=>__("System Type"),
                                               "show"=>$show_type,
                                               "align"=>"center",
                                              ),
                                   "100"=>array("name"=>"sys.system_description",
                                               "head"=>__("Description"),
                                               "show"=>$show_description,
                                              ),
                                  ),
                  );
?>


I know it's a whole bunch of editing, but I think it's worth it.
If you are using uuid_type = "mac" in audit.config, I suggest to change to "uuid" (if you are sure that every machine has a unique SID, i.e. you ran MS Sysprep or NewSid) or "name" to avoid duplicates when NLB hosts or teaming virtual NICs failover from a node/NIC to other.
It's suggested, probably, to delete existing systems and inventory them ex novo. Please let me know if it's OK. Thanks

_________________
Edoardo


Top
 Profile  
Reply with quote  
PostPosted: Wed Dec 05, 2007 8:56 pm 
Offline
Moderator
User avatar

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland
Wow... Give me time to go through that lot. Thanks. :shock:

_________________
Andrew

OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory


Top
 Profile  
Reply with quote  
PostPosted: Wed Dec 05, 2007 10:25 pm 
Offline
Moderator
User avatar

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland
Added in at SVN 911. Thanks, I am running an audit against this build and it appears a whole lot better.

_________________
Andrew

OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory


Top
 Profile  
Reply with quote  
PostPosted: Wed Dec 05, 2007 11:06 pm 
Offline
Open-AudIT Fellow

Joined: Thu May 17, 2007 5:47 pm
Posts: 568
Location: Italy
Thank you Andrew, it seems that the admin_pc_add_dir.php fix is missing from the svn. It's the same added to admin_pc_add_2.php.
Let me know about any issue occurred with these updates, particularly regarding dhcp leases, statistics, multi-homed boxes, nmap scans.
The link speed detection could be unreliable on multihomed machines with identical nic description.
Next improvements I would like to add are
- search for all IP addresses
- modifying the way admin_nmap_input.php creates new networked hosts: now, every scanned ip address different from an existing system's ip triggers the addition of a new "other" host, I would like it to compare this ip to the network_card table instead, not only to the system and other one, so if it's an existing nic ip address every discovered port is added to a system. But it involves adding to the nmap_ports another field forthe ip to record complete socket info. But this is another history...

_________________
Edoardo


Top
 Profile  
Reply with quote  
PostPosted: Wed Dec 05, 2007 11:45 pm 
Offline
Moderator
User avatar

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland
Fixed the admin_pc_add_dir.php Thanks.

ef wrote:
Next improvements I would like to add are
- search for all IP addresses
- modifying the way admin_nmap_input.php creates new networked hosts: now, every scanned ip address different from an existing system's ip triggers the addition of a new "other" host, I would like it to compare this ip to the network_card table instead, not only to the system and other one, so if it's an existing nic ip address every discovered port is added to a system. But it involves adding to the nmap_ports another field forthe ip to record complete socket info. But this is another history...


Sounds like a plan 8)

BTW Is it me, or are we still only seeing the first network adapter?

_________________
Andrew

OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory


Top
 Profile  
Reply with quote  
PostPosted: Thu Dec 06, 2007 12:05 am 
Offline
Open-AudIT Fellow

Joined: Thu May 17, 2007 5:47 pm
Posts: 568
Location: Italy
Did you check for duplicate systems? It's likely that new systems were discovered, so please try to delete old ones.

_________________
Edoardo


Top
 Profile  
Reply with quote  
PostPosted: Thu Dec 06, 2007 2:21 am 
Offline
Helper

Joined: Thu Jun 14, 2007 4:06 am
Posts: 96
Location: Georgia, USA
What will upgrading to SVN 911 do to existing databases? I use MAC addresses as my UUID. Does this mod affect that?


Top
 Profile  
Reply with quote  
PostPosted: Thu Dec 06, 2007 3:30 am 
Offline
Contributor

Joined: Fri Sep 28, 2007 12:07 am
Posts: 189
This created one issue:

go to Statistics>Gateway page:

Any machine who's first detected NIC does not have an IP/gateway is listed under gateway as "none".

The gateway page should loop through all NICs found for that particular system.

Thanks

Jason

_________________
OA Deployment:
Windows 2003 with XAMPP install
80 Windows Servers
250 Windows workstations (mixed XP and 2000)
5 MACs
Multiple printers, switches, routers, firewalls, and other servers (ESX, AIX etc.)


Top
 Profile  
Reply with quote  
PostPosted: Thu Dec 06, 2007 3:50 am 
Offline
Open-AudIT Fellow

Joined: Thu May 17, 2007 5:47 pm
Posts: 568
Location: Italy
Hi jpmorgan, the upgrade will add several fields to the network_card table. You can still use MAC addresses as UUID for OA, but it's not recommended (as it was before this mod) when you have teaming NICs: during the first audit OA will correctly detect every NIC, but at the next one it couldn't correctly identify and update their properties, due to the same MAC shared among the NICs. Sometimes you will see the correct info, next time you will see all involved NIC with the same values, another time you will find no values at all, depending from NIC index and from teaming state. I used mac too until I decided to switch to "name" instead (the system FQDN), which in my opinion is more reliable.
As I adopted (with some tweaks) what we discussed about regarding the network_card table optimization for dynamic values, let me know if you have issues with DHCP-assigned values. Thanks

_________________
Edoardo


Top
 Profile  
Reply with quote  
PostPosted: Thu Dec 06, 2007 4:31 am 
Offline
Helper

Joined: Thu Jun 14, 2007 4:06 am
Posts: 96
Location: Georgia, USA
I'm glad you took the DHCP issues into account.

Most of my computers here have a single NIC card, so I assume those will transition just fine. If the few with mulitple NICs get duplicated, I can run my cleanup script. I think in the past I've had issues with laptops that use both wired and wireless. I hope this will fix that issue as well.

Good work. I think this NIC issue was bugging you as much as the partition issue was bugging me :)


Top
 Profile  
Reply with quote  
PostPosted: Thu Dec 06, 2007 5:43 am 
Offline
Open-AudIT Fellow

Joined: Thu May 17, 2007 5:47 pm
Posts: 568
Location: Italy
Jason, I will address the gateway issue as soon as possible. Thank you

_________________
Edoardo


Top
 Profile  
Reply with quote  
PostPosted: Thu Dec 06, 2007 11:41 am 
Offline
Contributor

Joined: Fri Sep 28, 2007 12:07 am
Posts: 189
ef wrote:
Jason, I will address the gateway issue as soon as possible. Thank you


thanks eduardo,

In addition to my comment earlier new machines detected that have multiple NICs with *any* that are not connected show up as being "Non-networked" which is incorrect. I have also noticed some machine showing up under "New Software" with wrong IPs in the list, and when you look at the machine details it is correct.

Thanks

Jason

_________________
OA Deployment:
Windows 2003 with XAMPP install
80 Windows Servers
250 Windows workstations (mixed XP and 2000)
5 MACs
Multiple printers, switches, routers, firewalls, and other servers (ESX, AIX etc.)


Top
 Profile  
Reply with quote  
PostPosted: Thu Dec 06, 2007 7:33 pm 
Offline
Open-AudIT Fellow

Joined: Thu May 17, 2007 5:47 pm
Posts: 568
Location: Italy
jsingh wrote:
ef wrote:
Jason, I will address the gateway issue as soon as possible. Thank you


thanks eduardo,

In addition to my comment earlier new machines detected that have multiple NICs with *any* that are not connected show up as being "Non-networked" which is incorrect. I have also noticed some machine showing up under "New Software" with wrong IPs in the list, and when you look at the machine details it is correct.

Thanks

Jason

Regarding the "non-networked" issues, try to delete every instance of the incorrect machines and audit them at least 2 times (just to be sure that their NICs are correctly inserted first time and correctly updated the 2nd time).
Otherwise, change the UUID. I had those kind of error when I was using "mac" as uuid. I changed to "name", re-audited and all was OK. Obviously, I had all duplicate systems first time.

_________________
Edoardo


Top
 Profile  
Reply with quote  
PostPosted: Thu Dec 06, 2007 9:22 pm 
Offline
Open-AudIT Fellow

Joined: Thu May 17, 2007 5:47 pm
Posts: 568
Location: Italy
jsingh wrote:
This created one issue:

go to Statistics>Gateway page:

Any machine who's first detected NIC does not have an IP/gateway is listed under gateway as "none".

The gateway page should loop through all NICs found for that particular system.

Thanks

Jason

Try this:
- replace list_viewdef_statistic_gateway.php
Code:
<?php

$query_array=array("headline"=>__("Statistic for Gateway"),
                   "sql"=>"SELECT net.net_gateway, COUNT( * ) AS count_item,
                                  ROUND( 100 / (SELECT count(*)
                                                FROM network_card net, system sys
                                                WHERE net.net_uuid = sys.system_uuid AND net.net_timestamp = sys.system_timestamp
                                                      AND net.net_gateway != '' AND (net.net_ip_address != 'none'
                                                                                     OR net.net_ip_address_2 != 'none'
                                                                                     OR net.net_ip_address_3 != 'none')
                                                 ) * COUNT( * ), $round_to_decimal_places) AS percentage
                           FROM network_card net, system sys
                           WHERE net.net_uuid = sys.system_uuid AND net.net_timestamp = sys.system_timestamp
                                 AND net.net_gateway != '' AND (net.net_ip_address != 'none' OR net.net_ip_address_2 != 'none'
                                                                OR net.net_ip_address_3 != 'none')
                           GROUP BY net.net_gateway ",
                   "sort"=>"count_item",
                   "dir"=>"DESC",
                   "get"=>array("file"=>"list.php",
                                "title"=>__("Hosts with this Gateway"),
                                "var"=>array("view"=>"systems_for_gateway",
                                             "headline_addition"=>"%net_gateway",
                                            ),
                               ),
                   "fields"=>array("10"=>array("name"=>"net_gateway",
                                               "head"=>__("Gateway"),
                                               "show"=>"y",
                                               "link"=>"y",
                                              ),
                                   "20"=>array("name"=>"count_item",
                                               "head"=>__("Count"),
                                               "show"=>"y",
                                               "link"=>"y",
                                               "search"=>"n",
                                              ),
                                   "30"=>array("name"=>"percentage",
                                               "head"=>__("Percentage"),
                                               "show"=>"y",
                                               "link"=>"n",
                                               "search"=>"n",
                                              ),
                                  ),
                  );
?>


- replace list_viewdef_systems_for_gateway.php
Code:
<?php
$query_array=array("headline"=>__("List Systems with Gateway"),
                   "sql"=>"SELECT DISTINCT sys.system_uuid, sys.net_ip_address, sys.system_name, net.net_gateway, sys.net_domain,
                                  sys.system_os_name, sys.system_service_pack, sys.system_timestamp, sys.system_system_type, sys.system_description
                           FROM system sys, network_card net
                           WHERE net.net_uuid  = sys.system_uuid
                           AND sys.system_timestamp  = net.net_timestamp AND net.net_gateway = '" . $_GET["headline_addition"] . "'
                           AND (net.net_ip_address != 'none' OR net.net_ip_address_2 != 'none' OR net.net_ip_address_3 != 'none') ",
                   "sort"=>"sys.system_name",
                   "dir"=>"ASC",
                   "get"=>array("file"=>"system.php",
                                "title"=>"Go to System",
                                "var"=>array("pc"=>"%system_uuid",
                                             "view"=>"summary",
                                            ),
                               ),
                   "fields"=>array("10"=>array("name"=>"sys.system_uuid",
                                               "head"=>__("UUID"),
                                               "show"=>"n",
                                              ),
                                   "20"=>array("name"=>"sys.net_ip_address",
                                               "head"=>__("IP"),
                                               "show"=>"y",
                                               "link"=>"y",
                                              ),
                                   "30"=>array("name"=>"sys.system_name",
                                               "head"=>__("Hostname"),
                                               "show"=>"y",
                                               "link"=>"y",
                                              ),
                                   "40"=>array("name"=>"net.net_gateway",
                                               "head"=>__("Gateway"),
                                               "show"=>"y",
                                               "link"=>"n",
                                              ),
                                    "50"=>array("name"=>"sys.net_domain",
                                               "head"=>__("Domain"),
                                               "show"=>$show_domain,
                                              ),
                                   "60"=>array("name"=>"sys.system_os_name",
                                               "head"=>__("OS"),
                                               "show"=>$show_os,
                                              ),
                                   "70"=>array("name"=>"sys.system_service_pack",
                                               "head"=>__("Servicepack"),
                                               "show"=>$show_service_pack,
                                              ),
                                   "80"=>array("name"=>"sys.system_timestamp",
                                               "head"=>__("Date Audited"),
                                               "show"=>$show_date_audited,
                                              ),
                                   "90"=>array("name"=>"sys.system_system_type",
                                               "head"=>__("System Type"),
                                               "show"=>$show_type,
                                               "align"=>"center",
                                              ),
                                   "100"=>array("name"=>"sys.system_description",
                                               "head"=>__("Description"),
                                               "show"=>$show_description,
                                              ),
                                  ),
                  );
?>


Now, although only the first gateway is still accounted, you will find enumerated as "none" gateway only those IP enabled NICs with at least one valid IP address, but no gateway (i.e. heartbeat NICs on a dual-node cluster and so on). Let me know if it works fine for you too as it does for me.

_________________
Edoardo


Top
 Profile  
Reply with quote  
PostPosted: Thu Dec 06, 2007 11:06 pm 
Offline
Moderator
User avatar

Joined: Tue Jan 25, 2005 3:09 am
Posts: 2140
Location: Scotland
Works for me 8) SVN 916 (also resent the RSS pages just in case :? )

_________________
Andrew

OA Server: Windows XP/ XAMPP, Mandriva/Apache, Ubuntu
Auditing: 300+ Wstns, 20+ Srvrs, Thin clients, Linux boxes, Routers, etc
OS's: Windows XP , W2K Srvr, W2K3 Srvr, W2K8, Vista, Windows 7, Linuxes (and a Mac at home)
LDAP: Active Directory


Top
 Profile  
Reply with quote  
Display posts from previous:  Sort by  
Forum locked This topic is locked, you cannot edit posts or make further replies.  [ 31 posts ]  Go to page 1, 2, 3  Next

All times are UTC + 10 hours


Who is online

Users browsing this forum: No registered users and 4 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
Powered by phpBB® Forum Software © phpBB Group