Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
7997 commits 386 branches 195 tags 256 MiB
Commit graph

11 commits

Author SHA1 Message Date
Daniel Thayer
01a899255e Convert more redef-able constants to runtime options 2018-08-24 16:05:44 -05:00
Daniel Thayer
dc0904a7f3 Convert some redef-able constants to runtime options 2018-08-15 10:17:14 -05:00
Robin Sommer
07222bb107 Merge remote-tracking branch 'origin/topic/johanna/ssl-policy' 
* origin/topic/johanna/ssl-policy:
  Extend the weak-keys policy file to also alert when encountering ssl connections with old versions as well as unsafe cipher suites.

BIT-1321 #merged
 2015-03-02 17:19:00 -08:00
Johanna Amann
897351f87e Extend the weak-keys policy file to also alert when encountering 
ssl connections with old versions as well as unsafe cipher suites.

Also make the notice suppression handling of other ssl policy files
a tad more robust.
 2015-02-25 13:57:04 -08:00
Johanna Amann
f99bc98800 for dh key exchanges, use p as the parameter for weak key exchanges. 
Y can be a few bytes smaller due to the modulo operation - this is ok.
 2014-11-17 09:51:47 -08:00
Johanna Amann
33053cca3a Mark everything below 2048 bit as a weak key (Browsers will stop 
accepting 1024 bits soon, so we can be of that opinion too).

Also - fix notice suppression. :/
 2014-08-08 09:26:11 -07:00
Bernhard Amann
cb2eb0228b last ssl fixes - missed three more. 
This is the last one, I promise.
 2014-05-21 11:24:47 -07:00
Robin Sommer
8d1b47fae6 Merge remote-tracking branch 'origin/topic/bernhard/ec-curve' 
BIT-1189 #merged

* origin/topic/bernhard/ec-curve:
  fix broxygen errors
  Polish changes for ecdhe/dhe
  Add DH support to SSL analyzer.
  Add a few more ciphers Bro did not know at all so far.
  Forgot a few ciphers in the EC list...
  Log chosen curve when using ec cipher suite in TLS.
 2014-05-01 20:52:50 -07:00
Bernhard Amann
7d0e5067c7 fix broxygen errors 2014-04-27 16:25:32 -07:00
Bernhard Amann
ef5b021e77 Polish changes for ecdhe/dhe 2014-04-27 00:15:49 -07:00
Bernhard Amann
fb56b22cff Add DH support to SSL analyzer. 
When using DHE or DH-Anon, sever key parameters are now available
in scriptland.

Also add script to alert on weak certificate keys or weak dh-params.
 2014-04-26 23:52:51 -07:00