mirror of
https://github.com/zeek/zeek.git
synced 2025-10-16 05:28:20 +00:00
Add simple XMPP StartTLS analyzer.
This is a very simple XMPP analyzer that basically only can parse the protocol until the client and server start negotiating a TLS session. At that point, the TLS analyzer is attached. While the basic case seems to be working, I fully expect that I missed something and that this might break in a lot of cases.
This commit is contained in:
Johanna Amann
parent
748450c61f
commit
574bcb0a51
17 changed files with 314 additions and 0 deletions
11
scripts/base/protocols/xmpp/main.bro
Normal file
11
scripts/base/protocols/xmpp/main.bro
Normal file
|
|
@ -0,0 +1,11 @@
|
|||
|
||||
module XMPP;
|
||||
|
||||
const ports = { 5222/tcp, 5269/tcp };
|
||||
redef likely_server_ports += { ports };
|
||||
|
||||
event bro_init() &priority=5
|
||||
{
|
||||
Analyzer::register_for_ports(Analyzer::ANALYZER_XMPP, ports);
|
||||
}
|
||||
|
||||
Loading…
Add table
Add a link
Reference in a new issue