Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Add a signature for SMB

Browse source
This commit is contained in:
Seth Hall 2016-03-07 16:03:31 -05:00
parent 6e842cf4da
commit c63ad1cdcf
2 changed files with 8 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
scripts/base/protocols/smb/__load__.bro
View file

@ -6,3 +6,5 @@
@load ./smb1-main @load ./smb1-main
@load ./smb2-main @load ./smb2-main
@load ./files @load ./files
@load-sigs ./dpd.sig

5
scripts/base/protocols/smb/dpd.sig Normal file
View file

@ -0,0 +1,5 @@
signature dpd_smb {
ip-proto == tcp
payload /^....[\xfe\xff]SMB/
enable "smb"
}