Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-17 14:08:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Move the SMB analyzer out of the default load.

Browse source 
This also adds a note in the local.bro script about enabling
the SMB analyzer.
This commit is contained in:
Seth Hall 2016-06-14 15:34:00 -04:00
parent e2fb7591f4
commit 134d0922d5
11 changed files with 4 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

5
scripts/policy/protocols/smb/dpd.sig Normal file
View file

@ -0,0 +1,5 @@
signature dpd_smb {
ip-proto == tcp
payload /^....[\xfe\xff]SMB/
enable "smb"
}