Commit graph

1565 commits

Author SHA1 Message Date
Seth Hall
2131468b08 Merging this branch. It's working better than the existing code. 2011-10-25 11:17:19 -04:00
Seth Hall
c3c38fa54e Bumping the bro-aux submodule. 2011-10-25 11:16:47 -04:00
Seth Hall
dcc8d8456a Removed some fields from http analysis that weren't commonly needed or were wrong. 2011-10-25 09:32:31 -04:00
Seth Hall
320739e183 Updated/fixed MSIE version parsing in the software framework. 2011-10-25 09:30:06 -04:00
Jon Siwek
522e0e4d46 Update Mozilla trust roots to index certs by subject distinguished name. 2011-10-25 07:52:24 -05:00
Seth Hall
e6a8489780 Testing a fix for SSH login detection heuristic. 2011-10-25 00:01:04 -04:00
Seth Hall
7f838b6181 Merge branch 'topic/seth/weird-updates' 2011-10-24 23:47:31 -04:00
Robin Sommer
7d775e2e3f Updating submodule(s). 2011-10-24 09:35:51 -07:00
Robin Sommer
7d2442aceb Merge branch 'master' of ssh://git.bro-ids.org/bro 2011-10-24 09:35:36 -07:00
Robin Sommer
7a5cae1e99 Updating submodule(s). 2011-10-24 09:35:20 -07:00
Seth Hall
ff51068598 Fixing a bug with handling downgrade from weird conn to orig. 2011-10-22 01:13:15 -04:00
Seth Hall
7746f5b223 Final notice email tuning. 2011-10-21 23:08:56 -04:00
Seth Hall
0e79ec46b6 More notice email tuning. 2011-10-21 22:58:44 -04:00
Seth Hall
75e5caeff5 Attempt to make hostname notice email extension work and small format adjustments. 2011-10-21 22:51:56 -04:00
Seth Hall
9413e7f58c Merge branch 'master' of ssh://git.bro-ids.org/bro 2011-10-21 22:41:53 -04:00
Seth Hall
74240610c5 Fixed a problem with sending notice emails I introduced earlier. 2011-10-21 22:41:43 -04:00
Jon Siwek
8de668791a change distclean to only remove build dir 2011-10-21 15:19:26 -05:00
Robin Sommer
58a40ce29a Fixing typo. 2011-10-21 12:38:08 -07:00
Robin Sommer
f3dc92e7b4 Fixing link. 2011-10-21 12:29:57 -07:00
Seth Hall
d96bb4216f Light spellchecking. 2011-10-21 15:06:26 -04:00
Robin Sommer
4379c41926 Updating submodule(s). 2011-10-21 11:43:24 -07:00
Robin Sommer
6e14e9b805 Merge branch 'master' of ssh://git.bro-ids.org/bro 2011-10-21 11:42:35 -07:00
Robin Sommer
4d0d49ecc1 Merge branch 'master' of ssh://git.bro-ids.org/bro 2011-10-21 11:38:40 -07:00
Robin Sommer
f573881c58 Pass over upgrade guide. 2011-10-21 11:38:19 -07:00
Seth Hall
29bace02b2 More small weird refinements to reduce overload attacks. 2011-10-21 14:31:40 -04:00
Seth Hall
0cdcf490d6 Restoring former default weird behavior for unsolicited_SYN_response. 2011-10-21 14:17:54 -04:00
Seth Hall
f0b32b21ee weird.bro rewrite.
- I want to test it for a short while before committing it to
  master just to make sure it is a sane modification.
2011-10-21 14:08:54 -04:00
Seth Hall
892245316f Merge branch 'master' of ssh://git.bro-ids.org/bro 2011-10-21 14:03:43 -04:00
Seth Hall
8b56c54348 Slightly restructured http file hashing to fix a bug. 2011-10-21 14:03:31 -04:00
Seth Hall
43da40f2c6 Changed the notice name for interesting ssh logins to correctly reflect semantics of the notice.
- SSH::Login_From_Interesting_Hostname is now SSH::Interesting_Hostname_Login

- Added some documentation.
2011-10-21 14:03:03 -04:00
Seth Hall
3900d88e60 Field name change to notice framework. $result -> $action
- $result is renamed to $action to reflect changes to the notice framework
  since there is already another result-like field ($suppress_for) and
  there may be more in the future.

- Slipped in a change to add connection information to notice emails too.
2011-10-21 14:01:39 -04:00
Seth Hall
8661abe9d9 Small script refinements and documentation updates. 2011-10-21 13:58:58 -04:00
Robin Sommer
5e5e29f345 Fixing crash with unknown debug streams.
Closes #643.
2011-10-21 10:48:46 -07:00
Robin Sommer
c8dfdb4492 Merge remote-tracking branch 'origin/topic/robin/interpreter-exceptions'
* origin/topic/robin/interpreter-exceptions:
  Adding test for new error handling.
  Experimental code to better handle interpreter errors.

This seems to work fine and it catches some potentially nasty crashes
so I'm merging it in even though it's not the final word on error
handling yet. #646 tracks the work scheduled for later.
2011-10-21 10:35:32 -07:00
Jon Siwek
59015da59f make dist now cleans the copied source 2011-10-19 15:39:49 -05:00
Jon Siwek
b32d8fd00f Remove old make-src-packages script. 2011-10-19 11:40:40 -05:00
Jon Siwek
fb7649a8e2 Adding note to quickstart about MacPorts swig packages. 2011-10-19 11:39:42 -05:00
Jon Siwek
edf8b3a5fc Update submodules 2011-10-19 11:35:53 -05:00
Jon Siwek
792b7afddb Update submodules 2011-10-18 23:08:47 -05:00
Jon Siwek
b21eb81977 Update submodules 2011-10-18 22:57:15 -05:00
Jon Siwek
be7ca62384 New make dist/distclean targets 2011-10-18 22:06:26 -05:00
Robin Sommer
dac72fe614 Updating submodule(s). 2011-10-18 19:45:52 -07:00
Robin Sommer
63b46a0ae2 Fixing a bunch of format strings.
Also leveraging GCC if available to check format specifier.

Closes #567.
2011-10-18 17:39:40 -07:00
Robin Sommer
d86525ce61 Merge branch 'topic/robin/cleanup'
* topic/robin/cleanup:
  Cleaning up some distribution files.
2011-10-18 14:21:54 -07:00
Robin Sommer
aa6fb0a02b Merge branch 'master' of ssh://git.bro-ids.org/bro 2011-10-18 12:01:13 -07:00
Robin Sommer
194c9c21d1 Distribution cleanup and documentation setup tweaks. 2011-10-18 12:00:28 -07:00
Jon Siwek
24f3eb7fc2 Fix test failure due to some platforms joining stderr/stdout differently. 2011-10-17 13:53:10 -05:00
Jon Siwek
556b88e322 Tweaking notice suppression disable and notice policy order tests.
They should be less sensitive to script-layer changes now.
2011-10-14 10:47:32 -05:00
Jon Siwek
d84de52ee0 Don't install test-all-policy.bro script as it's for testing only.
Addresses #622
2011-10-12 12:42:12 -05:00
Seth Hall
da28a41512 Merge branch 'master' of ssh://git.bro-ids.org/bro 2011-10-11 11:57:22 -04:00