network.detectors
Class OutsideDomainLoginEventDetector

java.lang.Object
  network.detectors.EventDetector
      network.detectors.OutsideDomainLoginEventDetector

All Implemented Interfaces:

java.lang.Runnable, java.io.Serializable

public class OutsideDomainLoginEventDetector

extends EventDetector

implements java.io.Serializable

Detects logins from outside the domain.

See Also:

Serialized Form

Field Summary

Fields inherited from class network.detectors.EventDetector

agentURN, cred, dbModule, eventIDGenerator, eventTable, host, localTriggeringEvents, remoteTriggeringEvents, reportTable

Constructor Summary

OutsideDomainLoginEventDetector(ConfigObject configObj)
Creates an OutsideDomainLoginEventDetector with the default domain hosts file specified in AdminClient

OutsideDomainLoginEventDetector(java.lang.String domainHostsFile)
Creates an OutsideDomainLoginEventDetector with the specified domain hosts file

Method Summary

java.util.Vector	generateEvent(Event triggeredEvent) Detects if a login is from a local host or from an outside domain This is accomplished by comparing the host from which a user is loggin in and comparing it to a list of known local hosts.
java.lang.String	getGeneratingEventClassName() Returns the name of the event that this detector generates
static void	parseDomainHostsFile(java.lang.String domainHostsFile, java.util.Vector localHosts) Parses the domain hosts configuration file.

Methods inherited from class network.detectors.EventDetector

getAlarmLevel, getAlertLevel, getLocalTriggeringEventClassNames, getRemoteTriggeringEventClassNames, getSynchronizer, InitializeFields, modifyDetector, populatePatterns, printRunningThreads, run, setAgentURN, setAlarmLevel, setAlertLevel, setDB, setEventIDGenerator, setEventTable, setLocalTriggeringEvents, setRemoteTriggeringEvents, setReportTable, stopDetector, switchOffPrintRunningThreads

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

OutsideDomainLoginEventDetector

public OutsideDomainLoginEventDetector(ConfigObject configObj)

Creates an OutsideDomainLoginEventDetector with the default domain hosts file specified in AdminClient

OutsideDomainLoginEventDetector

public OutsideDomainLoginEventDetector(java.lang.String domainHostsFile)

Creates an OutsideDomainLoginEventDetector with the specified domain hosts file

Parameters:

domainHostsFile - the path to a domain hosts file

Method Detail

getGeneratingEventClassName

public java.lang.String getGeneratingEventClassName()

Returns the name of the event that this detector generates

Specified by:

getGeneratingEventClassName in class EventDetector

Returns:

A String containing the name of the event that this detector generates

generateEvent

public java.util.Vector generateEvent(Event triggeredEvent)

Detects if a login is from a local host or from an outside domain This is accomplished by comparing the host from which a user is loggin in and comparing it to a list of known local hosts. These local hosts are specified in the domain hosts configuration file

Specified by:

generateEvent in class EventDetector

Parameters:

triggeredEvent - The event that triggers this detector. Should be an instance of LoginEvent

Returns:

A vector of events. Each element corresponds to one detected login from an outside domain

parseDomainHostsFile

public static void parseDomainHostsFile(java.lang.String domainHostsFile,
                                        java.util.Vector localHosts)

Parses the domain hosts configuration file. The domain hosts file consists of a single IP or range of IPs per line, eg 1.2.3.4 1.2.3 Comments are lines beginning with #