Commit graph

4693 commits

Author SHA1 Message Date
Seth Hall
efca3c0840 Merge remote-tracking branch 'origin/master' into topic/seth/unified2-analyzer
Conflicts:
	testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log
	testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
2013-08-14 00:54:41 -04:00
Seth Hall
35dfdf7288 Merge remote-tracking branch 'origin/topic/seth/intel-updates'
* origin/topic/seth/intel-updates:
  Fixing intel framework tests.
  Add file name support to intel framework.
  Add file support to intel framework and slightly restructure intel http handling.
2013-08-13 23:53:55 -04:00
Seth Hall
a98c78c0d1 Fixing intel framework tests. 2013-08-13 23:49:39 -04:00
Robin Sommer
b8f47cc3db Updating submodule(s).
[nomail]
2013-08-13 18:44:13 -07:00
Robin Sommer
83eae53f54 Merge remote-tracking branch 'origin/topic/seth/unified2-analyzer'
BIT-1054 #merged

* origin/topic/seth/unified2-analyzer:
  Fixes in case a packet isn't seen that matches an event.
  Finished work on unified2 analyzer.
  Fixed some tests.
  Working unified2 analyzer.
  Unified2 file analyzer updated to new plugin style.
  Adding the unified2 analyzer.

Conflicts:
	testing/btest/Baseline/coverage.bare-load-baseline/canonified_loaded_scripts.log
	testing/btest/Baseline/coverage.default-load-baseline/canonified_loaded_scripts.log
2013-08-13 18:37:52 -07:00
Robin Sommer
534d4934b7 Starting to put a new structure in place.
I'll go through the various parts next and clean things up for the new
structure.
2013-08-13 17:18:28 -07:00
Seth Hall
ed14bdc77e Add file name support to intel framework. 2013-08-13 13:21:31 -04:00
Seth Hall
0bde911bd4 Add file support to intel framework and slightly restructure intel http handling. 2013-08-13 13:21:08 -04:00
Seth Hall
e0de1a2d00 Fixes in case a packet isn't seen that matches an event. 2013-08-13 08:55:11 -04:00
Seth Hall
f7c6dd7f7e Finished work on unified2 analyzer. 2013-08-13 03:21:43 -04:00
anthonykasza
c9313df382 Levenshtein distance function unit test 2013-08-12 21:29:57 -05:00
Robin Sommer
d4820cd43b Updating submodule(s).
[nomail]
2013-08-12 16:18:55 -07:00
Robin Sommer
2bef4111a3 Updating submodule(s).
[nomail]
2013-08-12 16:05:14 -07:00
Robin Sommer
b72c2a9764 Fixing bug in DNP3 analyzer flagged by compiler warning. 2013-08-12 14:38:37 -07:00
Robin Sommer
3780cab38b Updating submodule(s).
[nomail]
2013-08-12 14:18:20 -07:00
Robin Sommer
4697158898 Updating submodule(s).
[nomail]
2013-08-12 14:15:41 -07:00
Robin Sommer
aec77c7cfe Merge remote-tracking branch 'origin/master' into topic/documentation
Conflicts:
	doc/index.rst
	doc/scripts/builtins.rst
	testing/btest/btest.cfg
2013-08-12 14:03:49 -07:00
Seth Hall
95161a920c Fixed some tests. 2013-08-12 15:31:31 -04:00
Seth Hall
091c8f3ebc Working unified2 analyzer.
- No output by default yet.  Most of the activity is centered
   around generating the Unified2::alert event which ties together
   an IDSEvent and a packet.
2013-08-12 14:57:12 -04:00
Robin Sommer
47bf045893 Updating submodule(s).
[nomail]
2013-08-12 11:53:52 -07:00
Robin Sommer
45f1b89f60 Merge branch 'topic/robin/dnp3-merge-v3'
Includes a bit more docs/comments cleanup. We should eventually
document the events further but it should suffice for now.

* topic/robin/dnp3-merge-v3:
  Tiny bit of cleanup and adapting the new test.
  added a test case for dnp3 packets with only link layer
  added condition to check DNP3 packet without app layer data
  Fixing well-known port.
  Pluginizing the DNP3 analyzer, plus a basic script logging requests and replies.
2013-08-12 11:39:03 -07:00
Bernhard Amann
baef38976d Merge remote-tracking branch 'origin/topic/bernhard/hyperloglog' into topic/bernhard/hyperloglog 2013-08-12 09:50:43 -07:00
Bernhard Amann
2a684cd486 Merge remote-tracking branch 'origin/master' into topic/bernhard/hyperloglog 2013-08-12 09:48:03 -07:00
Bernhard Amann
d83edf8068 Merge remote-tracking branch 'origin/master' into topic/bernhard/hyperloglog
Conflicts:
	src/NetVar.cc
	src/NetVar.h
	src/SerialTypes.h
	src/probabilistic/CMakeLists.txt
	testing/btest/scripts/base/frameworks/sumstats/basic-cluster.bro
	testing/btest/scripts/base/frameworks/sumstats/basic.bro
2013-08-12 09:47:53 -07:00
Robin Sommer
a927189bdb Tiny bit of cleanup and adapting the new test. 2013-08-11 16:20:08 -07:00
Hui Lin
bced60f7a8 added a test case for dnp3 packets with only link layer 2013-08-11 16:02:44 -07:00
Hui Lin
21d45a435c added condition to check DNP3 packet without app layer data
Conflicts:
	src/analyzer/protocol/dnp3/DNP3.cc
2013-08-11 16:02:27 -07:00
Robin Sommer
36c2433075 Fixing well-known port.
This fixes the remaining test.
2013-08-11 15:59:32 -07:00
anthonykasza
d80ad3a06e Levenshtein distance 2013-08-11 00:11:41 -05:00
Seth Hall
48a190276a Merge remote-tracking branch 'origin/master' into topic/seth/unified2-analyzer 2013-08-10 22:26:35 -04:00
Seth Hall
04de4ce24b Unified2 file analyzer updated to new plugin style. 2013-08-10 22:26:32 -04:00
Robin Sommer
0e7f51f78c Merge branch 'master' into topic/robin/dnp3-merge-v3
Conflicts:
	scripts/base/init-default.bro
2013-08-09 17:11:51 -07:00
Robin Sommer
b71dc5d8ff Updating submodule(s).
[nomail]
2013-08-09 17:06:30 -07:00
Robin Sommer
937afb3e7b Updating submodule. 2013-08-09 15:34:32 -07:00
Robin Sommer
214272b8e3 Merge remote-tracking branch 'origin/topic/jsiwek/load-order-fix'
* origin/topic/jsiwek/load-order-fix:
  Update coverage baselines for canonical load order of scripts.
2013-08-09 15:32:30 -07:00
Robin Sommer
c05ee4d907 Merge remote-tracking branch 'origin/fastpath'
* origin/fastpath:
  Fix mem leak in DHCP analyzer.
  Fix a unit test outdated by recent sumstats changes.
2013-08-09 15:31:59 -07:00
Jon Siwek
4bdbd1762d Update coverage baselines for canonical load order of scripts. 2013-08-09 11:26:49 -05:00
Jon Siwek
b2392aa452 Fix mem leak in DHCP analyzer. 2013-08-09 09:51:09 -05:00
Jon Siwek
db7b6661fe Fix a unit test outdated by recent sumstats changes. 2013-08-09 09:50:05 -05:00
Seth Hall
a6eb7bb9df Merge remote-tracking branch 'origin/master' into topic/seth/unified2-analyzer
Conflicts:
	src/CMakeLists.txt
2013-08-08 20:53:54 -04:00
Seth Hall
e52b174594 Fix the SSL infinite loop I just created. 2013-08-05 17:29:39 -04:00
Seth Hall
595e2f3c8a Change to SSL log delay to cause the log to write even if delay times out. 2013-08-05 16:45:05 -04:00
Robin Sommer
2f0671aeeb Updating tests for DHCP. 2013-08-03 20:50:33 -07:00
Robin Sommer
e7aefcdf36 Merge branch 'master' into topic/robin/dhcp-merge 2013-08-03 19:14:01 -07:00
Robin Sommer
308db797c3 Merge remote-tracking branch 'origin/topic/vladg/dhcp'
* origin/topic/vladg/dhcp:
  DHCP: Adding unit tests.
  DHCP:
  Rework the DHCP analyzer to make it compatible again.
2013-08-03 19:14:00 -07:00
Matthias Vallentin
e226781a3c Remove debugging code. 2013-08-03 16:55:29 +02:00
Matthias Vallentin
c526ebcfeb Update baseline with now correct FP tests. 2013-08-03 16:54:47 +02:00
Seth Hall
1eadeaec3c Fix a major memory issue in the SumStats framework.
- There are still problems, but this should prevent a deadlock issue
   and help with memory use.
2013-08-03 01:57:51 -04:00
Seth Hall
56de65461e Merge remote-tracking branch 'origin/topic/seth/sumstats-updates'
* origin/topic/seth/sumstats-updates:
  Still fixing bugs in sumstats updated api cluster support.
  Hopefully fix the SumStats cluster support.
  Fix the SumStats top-k plugin and test.
  Updates for SumStats API to deal with high memory stats.
  Beginning rework of SumStats API.
  Tiny fix to account for missing str field (not sure how this happens yet)
  Add server samples to SSH bruteforce detection.
  Fix a reporter message in sumstats.
  SumStats changes to how thresholding works to simplify and reduce memory use.
  More adjustments to try and correct SumStats memory use.
  Hopefully fixing a strange error.
  Large update for the SumStats framework.
2013-08-02 22:37:39 -04:00
Seth Hall
ffe89e9cc0 Merge remote-tracking branch 'origin/master' into topic/seth/sumstats-updates 2013-08-02 22:23:02 -04:00