Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-03 23:28:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
7932 commits 384 branches 195 tags 258 MiB
Commit graph

4 commits

Author SHA1 Message Date
Johanna Amann
8ba5c03538 Do not log SOCKS passwords by default. 
This introduces a new option, SOCKS::default_capture_password which can
be used to specify if Socks passwords are logged by default

Like fot FTP/HTTP, this option is set to false by default.

Addresses BIT-1791
 2017-12-01 14:36:57 -08:00
Seth Hall
9592f64225 Update the SOCKS analyzer to support user/pass login. 
- This addresses BIT-1011
 - Add a new field to socks.log; "password".
 - Two new events; socks_login_userpass and socks_login_reply.
 - One new weird for unsupported authentication method.
 - A new test for authenticated socks traffic.
 - Credit to Nicolas Retrain for the initial patch.  Thanks!
 2015-02-05 12:44:10 -05:00
Seth Hall
a60153060d SOCKS and tunnel test updates. 2012-06-20 14:19:49 -04:00
Seth Hall
896f252a31 Updates for the SOCKS analyzer. 
- Now supports SOCKSv5 in the analyzer and the DPD sigs.

- Reworked the core events.

- Tests.

- A SOCKS log!
 2012-06-20 13:58:25 -04:00