Spelling fixes: scripts

* accessing
* across
* adding
* additional
* addresses
* afterwards
* analyzer
* ancillary
* answer
* associated
* attempts
* because
* belonging
* buffer
* cleanup
* committed
* connects
* database
* destination
* destroy
* distinguished
* encoded
* entries
* entry
* hopefully
* image
* include
* incorrect
* information
* initial
* initiate
* interval
* into
* java
* negotiation
* nodes
* nonexistent
* ntlm
* occasional
* omitted
* otherwise
* ourselves
* paragraphs
* particular
* perform
* received
* receiver
* referring
* release
* repetitions
* request
* responded
* retrieval
* running
* search
* separate
* separator
* should
* synchronization
* target
* that
* the
* threshold
* timeout
* transaction
* transferred
* transmission
* triggered
* vetoes
* virtual

Signed-off-by: Josh Soref <2119212+jsoref@users.noreply.github.com>

scripts/base/protocols/conn/thresholds.zeek

@@ -53,7 +53,7 @@ export {
 	##
 	## threshold: Threshold in bytes to remove.
 	##
-	## is_orig: If true, threshold is removed for packets from originator, otherwhise for packets from responder.
+	## is_orig: If true, threshold is removed for packets from originator, otherwise for packets from responder.
 	##
 	## Returns: T on success, F on failure.
 	global delete_bytes_threshold: function(c: connection, threshold: count, is_orig: bool): bool;

scripts/base/protocols/dce-rpc/consts.zeek

@@ -2733,7 +2733,7 @@ export {
 		["e33c0cc4-0482-101a-bc0c-02608c6ba218",0x05] = "I_nsi_entry_object_inq_done",
 		["e33c0cc4-0482-101a-bc0c-02608c6ba218",0x06] = "I_nsi_entry_object_inq_begin",
 
-		# lsacap - MSDN Ref: Central Access Policy Identifier Retreival Protocol [ms-capr]
+		# lsacap - MSDN Ref: Central Access Policy Identifier Retrieval Protocol [ms-capr]
 		["afc07e2e-311c-4435-808c-c483ffeec7c9",0x00] = "LsarGetAvailableCAPIDs",
 
 		# NetEventForwarder - MSDN Ref: Live Remote Event Capture Protocol [ms-lrec]

scripts/base/protocols/dhcp/main.zeek

@@ -86,7 +86,7 @@ export {
 		client_chaddr:  string      &optional;
 	};
 
-	## The maximum amount of time that a transation ID will be watched
+	## The maximum amount of time that a transaction ID will be watched
 	## for to try and tie messages together into a single DHCP
 	## transaction narrative.
 	option DHCP::max_txid_watch_time = 30secs;

scripts/base/protocols/krb/files.zeek

@@ -47,7 +47,7 @@ function describe_file(f: fa_file): string
 	# we do not know when this function is called (hence, if the data structures
 	# are already populated).
 	#
-	# Just return a bit of our connection information and hope that that is good enough.
+	# Just return a bit of our connection information and hope that is good enough.
 	for ( _, c in f$conns )
 		{
 		if ( c?$krb )

scripts/base/protocols/krb/main.zeek

@@ -54,7 +54,7 @@ export {
 	option ignored_errors: set[string] = {
 		# This will significantly increase the noisiness of the log.
 		# However, one attack is to iterate over principals, looking
-		# for ones that don't require preauth, and then performn
+		# for ones that don't require preauth, and then perform
 		# an offline attack on that ticket. To detect that attack,
 		# log NEEDED_PREAUTH.
 		"NEEDED_PREAUTH",

scripts/base/protocols/rdp/main.zeek

@@ -21,7 +21,7 @@ export {
 		## This is typically a username.
 		cookie:                string  &log &optional;
 		## Status result for the connection.  It's a mix between
-		## RDP negotation failure messages and GCC server create
+		## RDP negotiation failure messages and GCC server create
 		## response messages.
 		result:                string  &log &optional;
 		## Security protocol chosen by the server.

scripts/base/protocols/smb/smb2-main.zeek

@@ -284,7 +284,7 @@ event smb2_file_delete(c: connection, hdr: SMB2::Header, file_id: SMB2::GUID, de
 
 	if ( ! delete_pending )
 		{
-		# This is weird beause it would mean that someone didn't
+		# This is weird because it would mean that someone didn't
 		# set the delete bit in a delete request.
 		return;
 		}

scripts/base/protocols/snmp/main.zeek

@@ -18,7 +18,7 @@ export {
 		## The connection's 5-tuple of addresses/ports (ports inherently
 		## include transport protocol information)
 		id: conn_id &log;
-		## The amount of time between the first packet beloning to
+		## The amount of time between the first packet belonging to
 		## the SNMP session and the latest one seen.
 		duration: interval &log &default=0secs;
 		## The version of SNMP being used.

scripts/base/protocols/socks/main.zeek

@@ -17,7 +17,7 @@ export {
 		## Time when the proxy connection was first detected.
 		ts:               time            &log;
 		## Unique ID for the tunnel - may correspond to connection uid
-		## or be non-existent.
+		## or be nonexistent.
 		uid:              string          &log;
 		## The connection's 4-tuple of endpoint addresses/ports.
 		id:               conn_id         &log;

scripts/base/protocols/ssh/main.zeek

@@ -28,7 +28,7 @@ export {
 		version:         count        &log &optional;
 		## Authentication result (T=success, F=failure, unset=unknown)
 		auth_success:    bool         &log &optional;
-		## The number of authentication attemps we observed. There's always
+		## The number of authentication attempts we observed. There's always
 		## at least one, since some servers might support no authentication at all.
 		## It's important to note that not all of these are failures, since
 		## some servers require two-factor auth (e.g. password AND pubkey)
@@ -125,7 +125,7 @@ redef record Info += {
 	# Store capabilities from the first host for
 	# comparison with the second (internal use)
 	capabilities: Capabilities &optional;
-	## Analzyer ID
+	## Analyzer ID
 	analyzer_id: count         &optional;
 };
 

scripts/base/protocols/ssl/files.zeek

@@ -6,7 +6,7 @@
 module SSL;
 
 export {
-	## Set this to true to includd the server certificate subject and
+	## Set this to true to include the server certificate subject and
 	## issuer from the SSL log file. This information is still available
 	## in x509.log.
 	const log_include_server_certificate_subject_issuer = F &redef;
@@ -80,7 +80,7 @@ function describe_file(f: fa_file): string
 	# we do not know when this function is called (hence, if the data structures
 	# are already populated).
 	#
-	# Just return a bit of our connection information and hope that that is good enough.
+	# Just return a bit of our connection information and hope that is good enough.
 	for ( _, c in f$conns )
 		{
 		if ( c?$ssl )