Commit graph

399 commits

Author SHA1 Message Date
Seth Hall
e259da6f8b Merge commit 'e8bff4779e' into topic/policy-scripts-new
* commit 'e8bff4779e':
  Initial and incomplete http.bro
2011-03-16 17:04:21 -04:00
Seth Hall
86a127de44 Merge commit 'febfd4cf04' into topic/policy-scripts-new
* commit 'febfd4cf04':
  Better software version parsing.
2011-03-16 17:04:16 -04:00
Seth Hall
656084bd02 Merge commit 'c212f28130' into topic/policy-scripts-new
* commit 'c212f28130':
  Fixed ftp.bro so that it's extensible by users.
2011-03-16 17:04:12 -04:00
Seth Hall
9931fa529f Merge commit 'e7c7929d35' into topic/policy-scripts-new
* commit 'e7c7929d35':
  Remove unused code; conform to naming conventions; relocate more state to export section
2011-03-16 17:03:56 -04:00
Seth Hall
876463033e Merge commit 'e8526a0c05' into topic/policy-scripts-new
* commit 'e8526a0c05':
  Tiny cleanup to notice.bro
2011-03-16 17:03:51 -04:00
Seth Hall
9384fbd968 Merge commit '50acf152bd' into topic/policy-scripts-new
* commit '50acf152bd':
  More software fixes (and successful tests!).
2011-03-16 17:03:45 -04:00
Seth Hall
25318de82d Merge commit '65c3cb6faf' into topic/policy-scripts-new
* commit '65c3cb6faf':
  Updates for detecting and logging software.
2011-03-16 17:03:40 -04:00
Seth Hall
553f70e4f8 Merge commit 'da90961197' into topic/policy-scripts-new
* commit 'da90961197':
  Another software documentation nit.
2011-03-16 17:03:35 -04:00
Seth Hall
da244f83b2 Merge commit 'ad054d0dcf' into topic/policy-scripts-new
* commit 'ad054d0dcf':
  New software.bro API function for constructing an Info record from a raw version string.
2011-03-16 17:03:29 -04:00
Seth Hall
c4cf5fe905 Merge commit 'b7e59a717b' into topic/policy-scripts-new
* commit 'b7e59a717b':
  Documentation nit fixed.
2011-03-16 17:03:24 -04:00
Seth Hall
8044b730d6 Merge commit 'e105a7f948' into topic/policy-scripts-new
* commit 'e105a7f948':
  software.bro now more complete and documented.
2011-03-16 17:03:19 -04:00
Seth Hall
b6f6606398 Merge commit 'd3432829c9' into topic/policy-scripts-new
* commit 'd3432829c9':
  Fixed some problems with the FTP analysis.
2011-03-16 17:03:15 -04:00
Seth Hall
7e67d7b5ce Merge commit '4c8650f552' into topic/policy-scripts-new
* commit '4c8650f552':
  The global NOTICE function is back.
2011-03-16 17:03:10 -04:00
Seth Hall
a01095423a Merge commit '05b689f10f' into topic/policy-scripts-new
* commit '05b689f10f':
  DPD is now enabled by default.
2011-03-16 17:03:04 -04:00
Seth Hall
6a25b2494e Merge commit '0bae127b3e' into topic/policy-scripts-new
* commit '0bae127b3e':
  Started rewrite of software.bro
2011-03-16 17:02:58 -04:00
Seth Hall
3bba5af34f Merge commit '8fff1d70fd' into topic/policy-scripts-new
* commit '8fff1d70fd':
  ftp.bro is done except for a few points
2011-03-16 17:02:53 -04:00
Seth Hall
d003f1e27b Merge commit '670ceb94d3' into topic/policy-scripts-new
* commit '670ceb94d3':
  Switched to using SSL::Log as the type for the state table; moved state table into export section; added &default=F for weak ciphers booleans; combined two handlers for event bro_init(); reduced number of dependencies; updated to use Notice:: namespace as needed; deleted obsolete code; added documentation
2011-03-16 17:02:47 -04:00
Seth Hall
cb4ca01c22 Merge commit '03044c329e' into topic/policy-scripts-new
* commit '03044c329e':
  Initial movement towards rewritten ftp.bro script.
2011-03-16 17:02:40 -04:00
Seth Hall
dcabacc8e1 Merge commit '723b46a410' into topic/policy-scripts-new
* commit '723b46a410':
2011-03-16 17:02:30 -04:00
Seth Hall
49853ea82b Merge commit 'fd3ba87cae' into topic/policy-scripts-new
* commit 'fd3ba87cae':
  Initial drop of updated ssl.bro
2011-03-16 17:02:25 -04:00
Seth Hall
f64bff298c Merge commit '2c975495d3' into topic/policy-scripts-new
* commit '2c975495d3':
  Initial drop of updated ssl.bro
2011-03-16 17:02:18 -04:00
Seth Hall
1dee9403a5 Merge commit 'd19da7a60a' into topic/policy-scripts-new
* commit 'd19da7a60a':
  More script updates.
2011-03-16 17:02:13 -04:00
Seth Hall
9474929d60 Merge commit '523b078f0e' into topic/policy-scripts-new
* commit '523b078f0e':
  Small issues fixed with new ssh analysis script.
2011-03-16 17:02:06 -04:00
Seth Hall
a361b745fb Merge commit '9ef42a64c0' into topic/policy-scripts-new
* commit '9ef42a64c0':
  Moved some files into the new policy directory.
2011-03-16 17:02:00 -04:00
Seth Hall
fcba9a5c02 Merge commit '68d4e612f1' into topic/policy-scripts-new
* commit '68d4e612f1':
  Rework of conn.bro.

Conflicts:
	policy.old/conn.bro
2011-03-16 17:01:20 -04:00
Seth Hall
70811844e5 Merge commit 'ac99ec23aa' into topic/policy-scripts-new
* commit 'ac99ec23aa':
  Modernized known-services.bro
2011-03-16 17:00:52 -04:00
Seth Hall
a876c4c7cf Merge commit '1a327cd355' into topic/policy-scripts-new
* commit '1a327cd355':
  Moved events for filling in connection service field to dpd.bro
2011-03-16 17:00:46 -04:00
Seth Hall
4c4ab80e84 Merge commit 'd2e3328b91' into topic/policy-scripts-new
* commit 'd2e3328b91':
  Moved "@load logging" to the functions files.
  Adapted for API similarity with Robin's logging framework code.

Conflicts:
	policy/logging.bro
	policy/test-logging.bro
	src/bro.bif
2011-03-16 17:00:28 -04:00
Seth Hall
b1192560c6 Merge commit '04c5c21705' into topic/policy-scripts-new
* commit '04c5c21705':
  Adapted known-hosts for the logging framework.
2011-03-16 16:58:24 -04:00
Seth Hall
b8649b4fe7 Merge commit 'e7079aefab' into topic/policy-scripts-new
* commit 'e7079aefab':
  Added site as a dependency in the functions file.
2011-03-16 16:58:18 -04:00
Seth Hall
fc66d0b140 Merge commit '60e66f3227' into topic/policy-scripts-new
* commit '60e66f3227':
  Added site.bro as another dependency to policy directory.
2011-03-16 16:58:12 -04:00
Seth Hall
a2afd8d25d Merge commit '600c5bedea' into topic/policy-scripts-new
* commit '600c5bedea':
  Moved some base script dependencies to the new policy directory.
2011-03-16 16:58:04 -04:00
Seth Hall
54b92d0981 Merge commit '517456a2df' into topic/policy-scripts-new
* commit '517456a2df':
  Added and rewrote known-hosts.bro
2011-03-16 16:56:01 -04:00
Seth Hall
dc20f95eca Merge commit '62613ec1a0' into topic/policy-scripts-new 2011-03-16 16:54:57 -04:00
Seth Hall
59acb8bb3e Merge remote branch 'origin/topic/robin/logging-internals' into topic/policy-scripts-new 2011-03-16 16:49:57 -04:00
Robin Sommer
c92154994a Updating submodule(s). 2011-03-14 17:42:32 -07:00
Robin Sommer
88b41b6320 Merge remote branch 'origin/topic/jsiwek/cmake-compiler-check'
* origin/topic/jsiwek/cmake-compiler-check:
  Add explicit CMake check for compiler

Conflicts:
	aux/broccoli
	aux/broctl
2011-03-14 17:42:25 -07:00
Seth Hall
e8bff4779e Initial and incomplete http.bro
* So far, really only creates state and outputs logs.
2011-03-14 17:01:18 -04:00
Seth Hall
febfd4cf04 Better software version parsing.
* $addl field now parsed out in many cases.
* A few new tests for web browser versions.
  * Browsers user-agents need preprocessed though.
* All tests pass.
2011-03-14 15:41:45 -04:00
Seth Hall
c212f28130 Fixed ftp.bro so that it's extensible by users. 2011-03-14 12:01:12 -04:00
Robin Sommer
b68d50d717 Updating submodule(s). 2011-03-11 18:41:45 -08:00
Robin Sommer
e1052b93b0 Test commit. 2011-03-11 18:39:14 -08:00
Robin Sommer
7d3ff49607 New submodule location. 2011-03-11 18:33:44 -08:00
Don Appleman
277136ecfc Merge branch 'topic/policy-scripts' of git://git.icir.org/bro into topic/policy-scripts 2011-03-11 17:05:06 -06:00
Don Appleman
e7c7929d35 Remove unused code; conform to naming conventions; relocate more state to export section 2011-03-11 17:04:30 -06:00
Seth Hall
e8526a0c05 Tiny cleanup to notice.bro 2011-03-11 15:07:24 -05:00
Seth Hall
50acf152bd More software fixes (and successful tests!).
* SSH now removes the protocol information for detecting the actual software and not protocol used.
* Updates for the default version parsing.
* No longer testing default version parsing for the $addl field.  It doesn't seem to be generically extractable.
2011-03-11 15:07:07 -05:00
Seth Hall
65c3cb6faf Updates for detecting and logging software.
* Tests for the default software version parsing (showing how broken it is!)
* Software::cmp_versions(v1: Version, v2: Version) is now exported
* Many small naming tweaks to adjust to namespaces.
2011-03-11 13:51:31 -05:00
Robin Sommer
0f854315e9 New test. 2011-03-10 18:18:58 -08:00
Robin Sommer
45ebfbb2b8 Bug fixes.
- Fixing a crash with an invalid pointer.

- Fixing a namespacing problem with is_ftp_data_conn() and check_relay_3().

- Fixing the do-we-have-an-event-handler-defined check.

Standard test-suite passes.

Seth, I think you can give it a try now ...
2011-03-10 18:18:01 -08:00