#include <include.h>#include <src/analyse.h>#include <src/interface.h>#include <src/crt_io.h>#include <src/conversion.h>#include <src/manuf.h>Include dependency graph for analyse.c:
Go to the source code of this file.
Defines | |
| #define | HISTO_SIGNAL_SIZE 32 |
| #define | HISTO_SIGNAL_CHAN 14 |
Functions | |
| void | LogPutSSID_byAddMAc (UINT8 AddMac[WLAN_ADDR_LEN], char *SSID) |
| void | LogPutSSID_byBSSID (UINT8 BSSID[WLAN_ADDR_LEN], char *SSID) |
| void | CalculCoef (UINT32 X[4], UINT32 Y[4], float *a, float *b) |
| UINT8 | CompareAddMac (UINT8 AddMac1[WLAN_ADDR_LEN], UINT8 AddMac2[WLAN_ADDR_LEN]) |
| void | LogPutSN (UINT8 AddMac[WLAN_ADDR_LEN], UINT32 SN) |
| void | LogPutRate (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 Rate) |
| void | LogPutMaxRate (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 Rate) |
| void | LogDetectedClient (UINT8 AddMac[WLAN_ADDR_LEN]) |
| void | LogPutBSSID (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 BSSID[WLAN_ADDR_LEN]) |
| void | LogPutDS (UINT8 AddMac[WLAN_ADDR_LEN]) |
| void | LogPutWep (UINT8 BSSID[WLAN_ADDR_LEN], UINT8 hasWep) |
| void | LogPutChannel_byAddMac (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 Channel) |
| void | LogPutChannel_byBSSID (UINT8 BSSID[WLAN_ADDR_LEN], UINT8 Channel) |
| void | LogPutChannel (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 BSSID[WLAN_ADDR_LEN], UINT8 Channel) |
| void | LogPutSSID_byAddMac (UINT8 AddMac[WLAN_ADDR_LEN], char *SSID) |
| void | LogPutSSID (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 BSSID[WLAN_ADDR_LEN], char *SSID) |
| void | LogPutIsAP (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 hasWep, UINT16 bcn_int) |
| void | LogPutIsP2P (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 hasWep, UINT16 bcn_int) |
| void | LogPutOtherInformation (UINT8 AddMac[WLAN_ADDR_LEN], char *OtherInformation) |
| void | LogPutTimestamp (UINT8 AddMac[WLAN_ADDR_LEN], UINT64 TimeStamp) |
| void | LogPutSeqNum (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 AddMacDst[WLAN_ADDR_LEN], UINT16 SeqNum) |
| void | LogPutLastIV (UINT8 AddMac[WLAN_ADDR_LEN], UINT8 IV[4]) |
| void | LogWriteReport (void) |
| void | LogWriteDOT (FILE *filename) |
| void | LogWriteHisto (void) |
| void | WritePanel (UINT8 GoodPacket) |
| void | DoSummary (void) |
| UINT8 | IDS_BcnInt (void) |
| UINT8 | IDS_TimeStamp (void) |
| UINT8 | IDS_Var_SeqNum (void) |
| UINT8 | IDS_Detect_FakeAP (void) |
| UINT8 | IDS (void) |
Variables | |
| static UINT8 | ID [] |
| static UINT16 | NumberOfDetectedClient = 0 |
| static ClientInfo_t | ClientInfo [8192] |
| const UINT8 | BroadcastMAC [WLAN_ADDR_LEN] |
| WINDOW * | Panel_WND |
| WINDOW * | RealTime_WND |
| ScanResult_t | Res |
| Statistics_t | Stats |
| UINT8 | ids_warning |
| ConfigStruct | config |
| pthread_mutex_t | screen_mutex |
| MUTEX for lock screen, so only one func write to it at the same time. | |
|
|
Referenced by LogWriteHisto(). |
|
|
Referenced by LogWriteHisto(). |
|
||||||||||||
|
|
|
||||||||||||
|
Definition at line 259 of file analyse.c. References ClientInfo, CompareAddMac(), NumberOfDetectedClient, and WLAN_SSID_MAXLEN. Referenced by LogPutSSID(). |
|
||||||||||||||||||||
|
Function : CalculCoef Resolve equation Y = a.X + b Definition at line 771 of file analyse.c. References HISTORY_SIZE. |
|
||||||||||||
|
Compare two MAC address Definition at line 64 of file analyse.c. Referenced by LogDetectedClient(), LogPutBSSID(), LogPutChannel(), LogPutChannel_byAddMac(), LogPutChannel_byBSSID(), LogPutDS(), LogPutIsAP(), LogPutIsP2P(), LogPutLastIV(), LogPutMaxRate(), LogPutOtherInformation(), LogPutRate(), LogPutSeqNum(), LogPutSN(), LogPutSSID(), LogPutSSID_byAddMac(), LogPutSSID_byBSSID(), LogPutTimestamp(), and LogPutWep(). |
|
||||||||||||
|
Definition at line 77 of file analyse.c. References ClientInfo, CompareAddMac(), HISTORY_SIZE, NumberOfDetectedClient, ClientInfo_t::SN, ClientInfo_t::SNMax, ClientInfo_t::SNMed, ClientInfo_t::SNMin, and UINT32. Referenced by analyseBeacon(), analyseData(), analyseMGMT(), analyseProbeRep(), analyseProbeReq(), analysePSPOLL(), and analyseRTS(). |
|
||||||||||||
|
Definition at line 105 of file analyse.c. References ClientInfo, CompareAddMac(), NumberOfDetectedClient, ClientInfo_t::RateMax, and ClientInfo_t::RateMin. Referenced by analyseBeacon(), analyseData(), analyseMGMT(), analyseProbeRep(), analyseProbeReq(), analysePSPOLL(), and analyseRTS(). |
|
||||||||||||
|
Definition at line 121 of file analyse.c. References ClientInfo, CompareAddMac(), ClientInfo_t::MaxSpeed, and NumberOfDetectedClient. Referenced by ProcessTagBits(). |
|
|
Definition at line 131 of file analyse.c. References AddMacToManufModel(), AddMacToManufName(), BroadcastMAC, ClientInfo, CompareAddMac(), debug, MANUF_MAXSTRINGLENGTH, MAX_NUMBER_OF_DETECTED_CLIENT, NumberOfDetectedClient, and WLAN_ADDR_LEN. Referenced by analyseACK(), analyseBeacon(), analyseCTS(), analyseData(), analyseMGMT(), analyseProbeRep(), analyseProbeReq(), analysePSPOLL(), and analyseRTS(). |
|
||||||||||||
|
Definition at line 165 of file analyse.c. References BroadcastMAC, ClientInfo, CompareAddMac(), NumberOfDetectedClient, and WLAN_ADDR_LEN. Referenced by analyseBeacon(), analyseData(), analyseProbeRep(), and analyseProbeReq(). |
|
|
Definition at line 180 of file analyse.c. References ClientInfo, CompareAddMac(), ClientInfo_t::IsDS, and NumberOfDetectedClient. Referenced by analyseData(). |
|
||||||||||||
|
Definition at line 192 of file analyse.c. References ClientInfo, CompareAddMac(), ClientInfo_t::hasWep, and NumberOfDetectedClient. Referenced by LogPutIsAP(). |
|
||||||||||||
|
Definition at line 203 of file analyse.c. References ClientInfo_t::Channel, ClientInfo, CompareAddMac(), and NumberOfDetectedClient. Referenced by LogPutChannel(). |
|
||||||||||||
|
Definition at line 216 of file analyse.c. References ClientInfo_t::Channel, ClientInfo, CompareAddMac(), and NumberOfDetectedClient. Referenced by LogPutChannel(). |
|
||||||||||||||||
|
Definition at line 228 of file analyse.c. References BroadcastMAC, CompareAddMac(), LogPutChannel_byAddMac(), and LogPutChannel_byBSSID(). Referenced by ProcessTagBits(). |
|
||||||||||||
|
Definition at line 240 of file analyse.c. References ClientInfo, CompareAddMac(), NumberOfDetectedClient, and WLAN_SSID_MAXLEN. Referenced by LogPutSSID(). |
|
||||||||||||||||
|
Definition at line 278 of file analyse.c. References BroadcastMAC, CompareAddMac(), LogPutSSID_byAddMac(), and LogPutSSID_byBSSID(). Referenced by ProcessTagBits(). |
|
||||||||||||||||
|
Definition at line 291 of file analyse.c. References ClientInfo_t::bcn_int, ClientInfo, CompareAddMac(), ClientInfo_t::hasWep, HISTORY_SIZE, ClientInfo_t::IsAP, LogPutWep(), NumberOfDetectedClient, and WLAN_ADDR_LEN. Referenced by analyseBeacon(), analyseData(), and analyseProbeRep(). |
|
||||||||||||||||
|
Definition at line 313 of file analyse.c. References ClientInfo_t::bcn_int, ClientInfo, CompareAddMac(), debug, ClientInfo_t::hasWep, HISTORY_SIZE, ClientInfo_t::IsAP, ClientInfo_t::IsP2P, and NumberOfDetectedClient. Referenced by analyseBeacon(), and analyseProbeRep(). |
|
||||||||||||
|
Definition at line 334 of file analyse.c. References ClientInfo, CompareAddMac(), MAXSIZE_OTHERINFORMATION, and NumberOfDetectedClient. Referenced by ProcessTagBits(). |
|
||||||||||||
|
Get a timestamp of a BSSID and put it in the fifo of TS
Definition at line 348 of file analyse.c. References ClientInfo, CompareAddMac(), debug, HISTORY_SIZE, NumberOfDetectedClient, and ClientInfo_t::TimeStamp. Referenced by analyseBeacon(), and analyseProbeRep(). |
|
||||||||||||||||
|
Get a Sequence Number of a BSSID and put it in the fifo of SeqNum TODO : Analyse also when it's not a broadcast packet ad a new array (Mac@ cli, SeqNum) Definition at line 371 of file analyse.c. References BroadcastMAC, ClientInfo, CompareAddMac(), HISTORY_SIZE, NumberOfDetectedClient, ClientInfo_t::SeqNum, and WLAN_GET_SEQ_SEQNUM. Referenced by analyseBeacon(), analyseMGMT(), analyseProbeRep(), analyseProbeReq(), and analysePSPOLL(). |
|
||||||||||||
|
Put the last IV find in packets Definition at line 392 of file analyse.c. References ClientInfo, CompareAddMac(), ClientInfo_t::LastIV, and NumberOfDetectedClient. |
|
|
Write the final report Definition at line 410 of file analyse.c. References AddMacToManufModel(), AddMacToManufName(), ClientInfo, NumberOfDetectedClient, and RateToString(). Referenced by main(). |
|
|
Write the .dot file with all informations we have Definition at line 508 of file analyse.c. References ClientInfo, and NumberOfDetectedClient. Referenced by main(). |
|
|
Definition at line 565 of file analyse.c. References debug, HISTO_SIGNAL_CHAN, HISTO_SIGNAL_SIZE, Statistics_t::MaxSignal, NumberOfDetectedClient, and Stats. Referenced by main(). |
|
|
Definition at line 616 of file analyse.c. References ClientInfo, COL_WND_PANEL, config, debug, ConfigStruct::DoNotDisplay, ConfigStruct::FirstNIC, HISTOSIZE, IS_BIT_SET, ClientInfo_t::Manuf, NumberOfDetectedClient, Panel_WND, POS_HISTO, POS_MAC, POS_SSID, Posit, Res, ROW_WND_PANEL, screen_mutex, ScanResult_t::Signal, ClientInfo_t::SNMax, ClientInfo_t::SNMed, and ScanResult_t::SrcMac. Referenced by main(). |
|
|
Function to calculate some stats Definition at line 738 of file analyse.c. References Statistics_t::AP, Statistics_t::Channel, ClientInfo_t::Channel, ClientInfo, NumberOfDetectedClient, Statistics_t::STA, and Stats. Referenced by WriteSummary(). |
|
|
IDS module : Analysis of Beacons Intervals Beacon interval history is suspect Definition at line 806 of file analyse.c. References ClientInfo, HISTORY_SIZE, NumberOfDetectedClient, and Send_IDS_Warning(). Referenced by IDS(). |
|
|
TS history is suspect Definition at line 838 of file analyse.c. References ClientInfo, HISTORY_SIZE, NumberOfDetectedClient, and Send_IDS_Warning(). Referenced by IDS(). |
|
|
Analyse SeqNumber variation to determine if a problem is occur, like an usurpation of MAC ADD SeqNum history is suspect Definition at line 884 of file analyse.c. References ClientInfo, debug, HISTORY_SIZE, NumberOfDetectedClient, and Send_IDS_Warning(). Referenced by IDS(). |
|
|
Definition at line 918 of file analyse.c. Referenced by IDS(). |
|
|
Function to analyse data and try to determine an Intrusion or a DOS Try also to determine a jammer like FakeAP ret == 0x01; Beacon interval history is suspect ret == 0x02; TS history is suspect ret == 0x04; SeqNum history is suspect Definition at line 929 of file analyse.c. References IDS_BcnInt(), IDS_Detect_FakeAP(), IDS_TimeStamp(), and IDS_Var_SeqNum(). Referenced by main(). |
|
|
Initial value:
"$Id: analyse.c,v 1.36 2005/02/23 11:36:52 poggij Exp $"
|
|
|
|
Definition at line 44 of file analyse.c. Referenced by DoSummary(), IDS_BcnInt(), IDS_TimeStamp(), IDS_Var_SeqNum(), LogDetectedClient(), LogPutBSSID(), LogPutChannel_byAddMac(), LogPutChannel_byBSSID(), LogPutDS(), LogPutIsAP(), LogPutIsP2P(), LogPutLastIV(), LogPutMaxRate(), LogPutOtherInformation(), LogPutRate(), LogPutSeqNum(), LogPutSN(), LogPutSSID_byAddMac(), LogPutSSID_byBSSID(), LogPutTimestamp(), LogPutWep(), LogWriteDOT(), LogWriteReport(), and WritePanel(). |
|
|
Initial value:
{ 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }
Definition at line 45 of file analyse.c. Referenced by LogDetectedClient(), LogPutBSSID(), LogPutChannel(), LogPutSeqNum(), and LogPutSSID(). |
|
|
Definition at line 60 of file scanner.c. Referenced by InitScreen(), main(), RefreshAllWND(), RefreshRealTime_WND_th(), and WritePanel(). |
|
|
Definition at line 60 of file scanner.c. Referenced by debug(), debugTS(), DumpHexPaquets(), InitScreen(), main(), RefreshAllWND(), RefreshRealTime_WND_th(), and warning(). |
|
|
Definition at line 59 of file scanner.c. Referenced by analyseACK(), analyseBeacon(), analyseCTS(), analyseData(), analyseMGMT(), analyseProbeRep(), analyseProbeReq(), analysePSPOLL(), analyseRTS(), dataIsCrypted(), main(), processPacket(), ProcessTagBits(), selectChannel(), selectChannelWLAN(), UpdateOtherInformation(), and WritePanel(). |
|
|
Definition at line 61 of file scanner.c. Referenced by dataIsCrypted(), DoSummary(), LogWriteHisto(), main(), processPacket(), and WriteSummary(). |
|
|
Referenced by main(). |
|
|
Definition at line 57 of file scanner.c. Referenced by ChangeChannel_th(), closePacket(), debug(), debugTS(), DispConf(), fatal(), getPacket(), InitConfiguration(), main(), openCard(), openCardCISCO(), openPacket(), parse_keystring(), ParseCommandLine(), RefreshRealTime_WND_th(), selectChannel(), selectChannelCISCO(), Send_IDS_Warning(), shutCard(), shutCardCISCO(), warning(), WritePanel(), and WriteSummary(). |
|
|
MUTEX for lock screen, so only one func write to it at the same time.
Definition at line 66 of file scanner.c. Referenced by check_keys_th(), debug(), debugTS(), DumpHexPaquets(), main(), parse_keystring(), PrintScaleChannel(), RefreshAllWND(), RefreshRealTime_WND_th(), stop_signal(), warning(), WritePanel(), and WriteSummary(). |
1.4.1