mirror of
https://github.com/zeek/zeek.git
synced 2025-10-08 17:48:21 +00:00
Basic IMAP StartTLS analyzer.
Parses certificates out of imap connections using StartTLS. Aborts processing if StartTLS is not found.
This commit is contained in:
Johanna Amann
parent
871b340ade
commit
4a5737708c
17 changed files with 331 additions and 0 deletions
11
scripts/base/protocols/imap/main.bro
Normal file
11
scripts/base/protocols/imap/main.bro
Normal file
|
|
@ -0,0 +1,11 @@
|
|||
|
||||
module IMAP;
|
||||
|
||||
const ports = { 143/tcp };
|
||||
redef likely_server_ports += { ports };
|
||||
|
||||
event bro_init() &priority=5
|
||||
{
|
||||
Analyzer::register_for_ports(Analyzer::ANALYZER_IMAP, ports);
|
||||
}
|
||||
|
||||
Loading…
Add table
Add a link
Reference in a new issue