package Linux;

main::pdebug "Loading Linux rule now ...", 6.1;

#
CIAC_J035 - 
# ESB-1999.039 -- CIAC Bulletin J-035
# Linux Blind TCP
Spoofing
# 22 March 1999
sub CIAC_J035 {
	my($description) =
"CIAC_J035";
	
	# The uname array has something like this in it:
	# Linux
(none) 2.0.34 #1 Fri May 8 16:05:57 EDT 1998 i486 unknown
	my($version) =
(main::uname())[2];
	@frag = split('\.', $version);
	if (( $frag[0] <= 2 )
&& ($frag[1] <= 0) && ($frag[2] <= 36)) {
		# This rule is triggered if the
version of the Linux kernel
		# running on this machine is less than a
known level. Note 
		# that we record the string "Linux-$version" using the

		# kernel version of this system so that the "known_facts" 
		# will
match it when the "rule_engine" chews over all the
plans.
		$main::new_plans{"u -1 v Linux-$version"} = $description;

}
}

my(@uname) = main::uname();
if ( "$uname[0]" =~ /Linux/ ) {

main::pdebug "Invoking Linux rule set\n", 6.3;
    CIAC_J035();
} else {

main::pdebug "Skipping run_Linux rules\n", 6.3;
}