Mirror/zeek - git.uphillsecurity.com: We code.

Mirror/zeek

Fork 0

mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00

Commit graph

Author SHA1 Message Date

Author	SHA1	Message	Date
Arne Welzel	0a1568f1a1	mysql: Introduce mysql_ssl_request event This should've been added with `fa48c885` for completion. Do it now. The MySQL spec calls it SSLRequest packet, so keep SSL in the name for consistency.	2024-07-25 11:53:41 +02:00
Arne Welzel	fa48c88533	mysql: Recognize when client/server negotiate SSL This instantiates the SSL analyzer when the client requests SSL so that Zeek now has a bit more visibility into encrypted MySQL connections. The pattern used is the same as in the IMAP, POP or XMPP analyzer.	2023-01-27 12:42:19 +01:00
Arne Welzel	03dc21a861	testing/mysql: Add traces recorded with a free-tier MySQL instance Not sure this adds much more coverage then there was, but minimally more recent software versions. The instances/passwords were ephemeral, so hostname and password hashes etc aren't useful to anyone.	2023-01-27 10:59:23 +01:00

Arne Welzel

0a1568f1a1

mysql: Introduce mysql_ssl_request event

This should've been added with fa48c885 for completion. Do it now.
The MySQL spec calls it SSLRequest packet, so keep SSL in the name for
consistency.

2024-07-25 11:53:41 +02:00

Arne Welzel

fa48c88533

mysql: Recognize when client/server negotiate SSL

This instantiates the SSL analyzer when the client requests SSL
so that Zeek now has a bit more visibility into encrypted MySQL
connections.

The pattern used is the same as in the IMAP, POP or XMPP analyzer.

2023-01-27 12:42:19 +01:00

Arne Welzel

03dc21a861

testing/mysql: Add traces recorded with a free-tier MySQL instance

Not sure this adds much more coverage then there was, but minimally
more recent software versions.

The instances/passwords were ephemeral, so hostname and password hashes
etc aren't useful to anyone.

2023-01-27 10:59:23 +01:00

3 commits