Service

The Service class describes a network service of a host or network. The service is identified by specific port or list of ports, along with the application listening on that port.

digraph Service { graph [rankdir=LR]; node [label="\N"]; graph [bb="0,0,544,188"]; Service [label=<<table BORDER="0" CELLBORDER="1" CELLSPACING="0"> <tr > <td BGCOLOR="#182f5f" HREF="/idmef_parser/IODEF/Service.html" TITLE="The Service class describes a network service of a host or network. The service is identified by specific port or list of ports, along with the application listening on that port. ">Service</td> </tr>" %<tr><td BGCOLOR="#284f9f" HREF="/idmef_parser/IODEF/Service.html" TITLE="A port number.">[INTEGER] Port (0..1) </td></tr>%<tr><td BGCOLOR="#284f9f" HREF="/idmef_parser/IODEF/Service.html" TITLE="A list of port numbers formatted according to Section 2.10.">[PORTLIST] Portlist (0..1) </td></tr>%<tr><td BGCOLOR="#284f9f" HREF="/idmef_parser/IODEF/Service.html" TITLE="A layer-4 protocol-specific code field (e.g., ICMP code field).">[INTEGER] ProtoCode (0..1) </td></tr>%<tr><td BGCOLOR="#284f9f" HREF="/idmef_parser/IODEF/Service.html" TITLE="A layer-4 protocol specific type field (e.g., ICMP type field).">[INTEGER] ProtoType (0..1) </td></tr>%<tr><td BGCOLOR="#284f9f" HREF="/idmef_parser/IODEF/Service.html" TITLE="A layer-4 protocol specific flag field (e.g., TCP flag field).">[INTEGER] ProtoFlags (0..1) </td></tr>%<tr><td BGCOLOR="#284f9f" HREF="/idmef_parser/IODEF/Service.html" TITLE="The IANA protocol number.">[INTEGER] ip_protocol (Required) </td></tr>%</table>>, shape=plaintext, pos="129,94", width="3.5556", height="2.0694"]; Application [label=<<table BORDER="0" CELLBORDER="1" CELLSPACING="0"> <tr > <td BGCOLOR="#182f5f" HREF="/idmef_parser/IODEF/Application.html" TITLE="The Application class describes an application running on a System providing a Service. ">Application</td> </tr>" %<tr><td BGCOLOR="#284f9f" HREF="/idmef_parser/IODEF/Application.html" TITLE="A URL describing the application.">[URL] URL (0..1) </td></tr>%<tr><td BGCOLOR="#284f9f" HREF="/idmef_parser/IODEF/Application.html" TITLE="An identifier that can be used to reference this software.">[STRING] swid (Optional) </td></tr>%<tr><td BGCOLOR="#284f9f" HREF="/idmef_parser/IODEF/Application.html" TITLE="An identifier that can be used to reference a particular configuration of this software.">[STRING] configid (Optional) </td></tr>%<tr><td BGCOLOR="#284f9f" HREF="/idmef_parser/IODEF/Application.html" TITLE="Vendor name of the software.">[STRING] vendor (Optional) </td></tr>%<tr><td BGCOLOR="#284f9f" HREF="/idmef_parser/IODEF/Application.html" TITLE="Family of the software.">[STRING] family (Optional) </td></tr>%<tr><td BGCOLOR="#284f9f" HREF="/idmef_parser/IODEF/Application.html" TITLE="Name of the software.">[STRING] name (Optional) </td></tr>%<tr><td BGCOLOR="#284f9f" HREF="/idmef_parser/IODEF/Application.html" TITLE="Version of the software.">[STRING] version (Optional) </td></tr>%<tr><td BGCOLOR="#284f9f" HREF="/idmef_parser/IODEF/Application.html" TITLE="Patch or service pack level of the software.">[STRING] patch (Optional) </td></tr>%</table>>, shape=plaintext, pos="432,94", width="3.0833", height="2.625"]; Service -> Application [label="0..*", pos="e,320.4,94 257.94,94 275.31,94 293.08,94 310.32,94", lp="289,102.5"]; }


Aggregates

Port (0..1)

A port number.

Portlist (0..1)

A list of port numbers formatted according to Section 2.10.

ProtoCode (0..1)

A layer-4 protocol-specific code field (e.g., ICMP code field).

ProtoType (0..1)

A layer-4 protocol specific type field (e.g., ICMP type field).

ProtoFlags (0..1)

A layer-4 protocol specific flag field (e.g., TCP flag field).

Application (0..*)

The application bound to the specified Port or Portlist.

Attributes

ip_protocol (Required)

The IANA protocol number.


IDMEF


IODEF