How to get a list of Endpoint Statistics and Dangerous Endpoints by using the Azure Mgmt SDK fluent
I am using https://www.nuget.org/packages/Microsoft.Azure.Management.Fluent to get resources in Azure programmatically (C# .NET Core web app), and I am trying to get resource information by providing a service principal (CS) as below...
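
    using Microsoft.Azure.Management.Fluent;
    using Microsoft.Azure.Management.ResourceManager.Fluent;
    using Microsoft.Azure.Management.ResourceManager.Fluent.Authentication;
    using Microsoft.Azure.Management.ResourceManager.Fluent.Core;

    // Placeholders for the subscription and the service principal's values
    string subscriptionId = "xxx";
    string clientId = "xxx";
    string tenantId = "xxx";
    string clientSecret = "xxx";

    // Build credentials from the service principal
    AzureCredentials cred = new AzureCredentialsFactory()
        .FromServicePrincipal(
            clientId,
            clientSecret,
            tenantId,
            AzureEnvironment.AzureGlobalCloud
        );

    // Authenticated entry point for the subscription
    var azure = Azure.Configure()
        .WithLogLevel(HttpLoggingDelegatingHandler.Level.Basic)
        .Authenticate(cred)
        .WithSubscription(subscriptionId);
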
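Any sample code (C# .NET Core web app) for finding out Endpoint Statistics (traverse the open ports in NSGs and list them in detail) and Dangerous Endpoints (traverse the open ports in NSGs and identify ports like 3389/22).
Please advise on the above.
Thanks
If you mean listing all the ports in NSG -> Inbound security rules, as in the screenshot below:
Then you can use the code below: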

    foreach (var nsg in azure.NetworkSecurityGroups.List())
    {
        // SecurityRules maps each rule name to its rule
        var rules = nsg.SecurityRules;
        foreach (var r in rules)
        {
            // nsg.Name is the NSG's name; r.Value.Name is the rule's name
            Console.WriteLine($"*** NSG: {nsg.Name}, rule: {r.Value.Name} ***");
            // A rule carries either a single port expression ...
            if (r.Value.DestinationPortRange != null)
            {
                //after you get the port, you can apply your logic here.
                Console.WriteLine(r.Value.DestinationPortRange);
            }
            // ... or a list of port expressions
            if (r.Value.DestinationPortRanges != null)
            {
                foreach (var port in r.Value.DestinationPortRanges)
                {
                    //after you get the port, you can apply your logic here.
                    Console.WriteLine(port);
                }
            }
            Console.WriteLine("**end**");
        }
    }

Thanks @ivan Yang for the reply and help...
Below is the working code; I modified your code as per my

    using System;
    using System.Collections.Generic;

    var ntwrrkDetails = new List<EndTcpPorts>();
    foreach (var nsg in azure.NetworkSecurityGroups.List())
    {
        try
        {
            var rules = nsg.SecurityRules;
            foreach (var r in rules)
            {
                // One entry per rule; a single object per NSG would keep only the last rule
                var objEndTcpPorts = new EndTcpPorts(); // cls object
                objEndTcpPorts.ResourceGroup = nsg.ResourceGroupName;
                // nsg.Name is the NSG's name; r.Value.Name is the name of the rule
                objEndTcpPorts.NSGName = nsg.Name ?? "";
                //get ports: a rule has either a single range or a list of ranges
                if (r.Value.DestinationPortRange != null)
                {
                    objEndTcpPorts.TcpPorts = r.Value.DestinationPortRange;
                }
                else if (r.Value.DestinationPortRanges != null)
                {
                    objEndTcpPorts.TcpPorts = string.Join(",", r.Value.DestinationPortRanges);
                }
                else
                {
                    objEndTcpPorts.TcpPorts = "";
                }
                //((Microsoft.Azure.Management.ResourceManager.Fluent.Core.IndexableWrapper<Microsoft.Azure.Management.Network.Fluent.Models.SecurityRuleInner>)r.Value).Inner.Protocol.Value.ToString();
                ntwrrkDetails.Add(objEndTcpPorts); // add to list
            }
        }
        catch (Exception)
        {
            // Skip an NSG whose rules cannot be read
            continue;
        }
    }

Now we can check the TCP ports (dangerous endpoints) as open ports in the NSG and identify ports like 3389/22 or *..
Many thanks,
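
One way to do the dangerous-endpoint check discussed above, as an added example that is not part of the original thread: it flags inbound Allow rules that open 22 or 3389 to an unrestricted source. `RuleView`, `NsgAudit` and the sample rules are hypothetical; fill `RuleView` from each rule's `Direction`, `Access`, `Protocol`, `SourceAddressPrefix`/`SourceAddressPrefixes` and `DestinationPortRange`/`DestinationPortRanges` properties.

```csharp
using System;
using System.Linq;

// Hypothetical flattened view of one NSG rule (fill it from the SDK's rule object).
public record RuleView(string Nsg, string Rule, string Direction, string Access,
                       string Protocol, string[] Sources, string[] PortRanges);

public static class NsgAudit
{
    // Ports the question calls dangerous when exposed: SSH and RDP.
    static readonly int[] DangerousPorts = { 22, 3389 };
    // Source values treated here as "reachable by anyone" (assumption of this example).
    static readonly string[] OpenSources = { "*", "0.0.0.0/0", "Internet" };

    // True if an NSG port expression ("*", "22", "3000-4000") covers the port.
    public static bool Covers(string range, int port)
    {
        range = range.Trim();
        if (range == "*") return true;
        var parts = range.Split('-');
        if (!int.TryParse(parts[0], out var lo)) return false;
        var hi = lo;
        if (parts.Length == 2 && !int.TryParse(parts[1], out hi)) return false;
        return parts.Length <= 2 && lo <= port && port <= hi;
    }

    // Dangerous ports that an inbound Allow rule opens to an unrestricted source.
    public static int[] ExposedPorts(RuleView r)
    {
        bool inbound = r.Direction.Equals("Inbound", StringComparison.OrdinalIgnoreCase);
        bool allow = r.Access.Equals("Allow", StringComparison.OrdinalIgnoreCase);
        bool tcp = r.Protocol == "*" || r.Protocol.Equals("Tcp", StringComparison.OrdinalIgnoreCase);
        bool open = r.Sources.Any(s => OpenSources.Contains(s, StringComparer.OrdinalIgnoreCase));
        if (!(inbound && allow && tcp && open)) return Array.Empty<int>();
        return DangerousPorts.Where(p => r.PortRanges.Any(x => Covers(x, p))).ToArray();
    }

    public static void Main()
    {
        // Constructed sample rules, not taken from a real subscription.
        var rules = new[]
        {
            new RuleView("nsg-web", "allow-https", "Inbound", "Allow", "Tcp", new[] { "*" }, new[] { "443" }),
            new RuleView("nsg-web", "allow-mgmt", "Inbound", "Allow", "*", new[] { "Internet" }, new[] { "20-25", "3389" }),
            new RuleView("nsg-db", "ssh-from-vnet", "Inbound", "Allow", "Tcp", new[] { "10.0.0.0/16" }, new[] { "22" }),
            new RuleView("nsg-db", "deny-rdp", "Inbound", "Deny", "Tcp", new[] { "*" }, new[] { "3389" }),
        };
        foreach (var r in rules)
            Console.WriteLine(r.Nsg + "/" + r.Rule + " exposes: [" + string.Join(",", ExposedPorts(r)) + "]");
    }
}
```

The check looks at each rule on its own and ignores rule priority, so a higher-priority Deny rule may still block a flagged port; treat the hits as candidates for review.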