src/rootcheck/check_open_ports.c

   1 /* @(#) $Id$ */
   2
   3 /* Copyright (C) 2009 Trend Micro Inc.
   4  * All right reserved.
   5  *
   6  * This program is a free software; you can redistribute it
   7  * and/or modify it under the terms of the GNU General Public
   8  * License (version 2) as published by the FSF - Free Software
   9  * Foundation
  10  */
  11
  12
  13 #include "shared.h"
  14 #include "headers/defs.h"
  15 #include "headers/debug_op.h"
  16
  17 #include "rootcheck.h"
  18
  19
  20 int _ports_open;
  21 int open_ports_size;
  22 char open_ports_str[OS_SIZE_1024 + 1];
  23
  24 /* connect_to_port */
  25 int connect_to_port(int proto, int port)
  26 {
  27     int rc = 0;
  28
  29     int ossock;
  30     struct sockaddr_in server;
  31
  32     if(proto == IPPROTO_UDP)
  33     {
  34         if((ossock = socket(PF_INET,SOCK_DGRAM,IPPROTO_UDP)) < 0)
  35             return(0);
  36     }
  37     else if(proto == IPPROTO_TCP)
  38     {
  39         if((ossock = socket(PF_INET,SOCK_STREAM,IPPROTO_TCP)) < 0)
  40             return(0);
  41     }
  42
  43     memset(&server, 0, sizeof(server));
  44     server.sin_family = AF_INET;
  45     server.sin_port = htons( port );
  46     server.sin_addr.s_addr = inet_addr("127.0.0.1");
  47
  48     if(connect(ossock, (struct sockaddr *)&server, sizeof(server)) == 0)
  49     {
  50         rc = 1;
  51     }
  52
  53     close(ossock);
  54
  55     return(rc);
  56 }
  57
  58 /* try_to_access_ports */
  59 void try_to_access_ports()
  60 {
  61     int i;
  62
  63     for(i = 0; i<= 65535; i++)
  64     {
  65         if(total_ports_tcp[i] && connect_to_port(IPPROTO_TCP, i))
  66         {
  67             char port_proto[64];
  68
  69             if(_ports_open == 0)
  70             {
  71                 snprintf(port_proto, 64, "\n      %d (tcp),", i);
  72             }
  73             else
  74             {
  75                 snprintf(port_proto, 64, "%d (tcp),", i);
  76             }
  77             strncat(open_ports_str, port_proto, open_ports_size);
  78             open_ports_size -= strlen(port_proto) +1;
  79
  80             _ports_open++;
  81         }
  82         if(total_ports_udp[i] && connect_to_port(IPPROTO_UDP, i))
  83         {
  84             char port_proto[64];
  85
  86             if(_ports_open == 0)
  87             {
  88                 snprintf(port_proto, 64, "\n      %d (udp),", i);
  89             }
  90             else
  91             {
  92                 snprintf(port_proto, 64, "%d (udp),", i);
  93             }
  94
  95             strncat(open_ports_str, port_proto, open_ports_size);
  96             open_ports_size -= strlen(port_proto) +1;
  97
  98             _ports_open++;
  99         }
 100
 101         if(_ports_open >= 4)
 102         {
 103             _ports_open = 0;
 104         }
 105     }
 106
 107 }
 108
 109
 110 /*  check_open_ports: v0.1
 111  *  Check all open ports
 112  */
 113 void check_open_ports()
 114 {
 115     memset(open_ports_str, '\0', OS_SIZE_1024 +1);
 116     open_ports_size = OS_SIZE_1024 - 1;
 117     _ports_open = 0;
 118
 119     #ifndef OSSECHIDS
 120     snprintf(open_ports_str, OS_SIZE_1024, "The following ports are open:");
 121     open_ports_size-=strlen(open_ports_str) +1;
 122
 123     /* Testing All ports */
 124     try_to_access_ports();
 125
 126     open_ports_str[strlen(open_ports_str) -1] = '\0';
 127
 128     notify_rk(ALERT_OK, open_ports_str);
 129
 130     #endif
 131     return;
 132 }
 133
 134 /* EOF */