Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-09 01:58:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
6015 commits 388 branches 195 tags 264 MiB
Commit graph

6015 commits

This branch
This branch
All branches
Author SHA1 Message Date
Seth Hall
0eb345a25a Updating the Mozilla root certs. 2015-06-02 11:51:08 -04:00
Daniel Thayer
45caf8d2c1 Add missing documentation on the "Bro Package Index" page 2015-06-02 10:00:00 -05:00
Vlad Grigorescu
0a4604fe98 Add memleak btest for attachments over SMTP. 2015-06-01 21:14:52 -05:00
Vlad Grigorescu
847b16442b BIT-1410: Add btest 2015-06-01 20:49:04 -05:00
Vlad Grigorescu
05ea2d43c7 BIT-1410: Update baselines 2015-06-01 20:38:59 -05:00
Vlad Grigorescu
60d07f8483 BIT-1410: Propagate is_orig to MIME_Mail 2015-06-01 20:26:58 -05:00
Daniel Thayer
63aa61fcc9 More improvements to the Logging Framework doc 2015-06-01 16:36:44 -05:00
Daniel Thayer
7681263f91 Fix documentation typo 2015-06-01 14:29:03 -05:00
Daniel Thayer
4db9b8d792 Update the "Log Files" documentation 2015-06-01 14:26:09 -05:00
Seth Hall
097354a43f Updates for the urls.bro script. Fixes BIT-1404. 2015-06-01 11:38:26 -04:00
Daniel Thayer
4ddfe0ed83 Merge remote-tracking branch 'origin/master' into topic/dnthayer/doc-improvements-2.4 2015-05-31 23:49:38 -05:00
Daniel Thayer
b6920ac188 Add links in the logging framework doc 
Added links to the log writers that are available as external plugins.
 2015-05-31 23:34:19 -05:00
Daniel Thayer
648d091b29 Add a link to the bro-plugins documentation 2015-05-31 23:17:59 -05:00
Daniel Thayer
6bd24780b5 Update bro man page 2015-05-31 23:04:30 -05:00
Daniel Thayer
d0e304de46 Update script language reference documentation 2015-05-30 01:35:55 -05:00
Daniel Thayer
260b25f20a Fix typos in the "writing bro plugins" doc 2015-05-30 00:18:04 -05:00
Daniel Thayer
24701f2678 Fix a "make doc" warning 
Also fixed some indentation.
 2015-05-29 14:38:50 -05:00
Jeff Barber
72fca3ee26 Make enums work for non-C++11 config 2015-05-29 10:37:43 -04:00
Jeff Barber
30fdc37479 Refactor to make bro use a common Packet object. 
Do a better job of parsing layer 2 and keeping track of layer 3 proto.
Add support for raw packet event, including Layer2 headers.
 2015-05-29 10:37:39 -04:00
Daniel Thayer
7cf04c9f3a Improve logging framework doc 
Reorganized the content to be easier to follow, added a few more examples,
fixed some ugly formatting (removed scrollbars that make the examples
difficult to read).
 2015-05-28 17:52:32 -05:00
Robin Sommer
2b1cd66f17 Updating CHANGES and VERSION. 2015-05-28 13:37:52 -07:00
Robin Sommer
fbf40090a8 Updating submodule(s). 
[nomail]
 2015-05-28 13:20:44 -07:00
Robin Sommer
0a9b768e46 Updating submodule(s). 
[nomail]
 2015-05-28 12:15:48 -07:00
Robin Sommer
d9ef8c36c9 Updating submodule(s). 
[nomail]
 2015-05-28 12:02:26 -07:00
Robin Sommer
a3290d194c Fix segfault when DNS is not available. 
Based on patch by Frank Meier.

BIT-1387 #merged
 2015-05-28 11:52:54 -07:00
Yun Zheng Hu
2aa214d835 BIT-1314: Added QI test for rexmit_inconsistency 2015-05-28 12:12:22 +02:00
Yun Zheng Hu
b386b2ba51 BIT-1314: Add detection for Quantum Insert attacks 
TCP_Reassembler can now keep a history of old TCP segments using the
`tcp_max_old_segments` option. A value of zero will disable it.

An overlapping segment with different data can indicate a possible
TCP injection attack. The rexmit_inconsistency event will fire if this
is the case.
 2015-05-28 12:11:06 +02:00
Daniel Thayer
e02ad1711c Add link to broctl doc from the quickstart doc 2015-05-27 16:23:02 -05:00
Johanna Amann
5147b0bb02 set fedora 21 specific environment variable to not make it complain about 
md5 signed certs.

Addresses BIT-1402
 2015-05-27 12:24:21 -07:00
Daniel Thayer
fcaf1d9c95 Update install documentation and fix some typos 2015-05-25 13:08:03 -05:00
Daniel Thayer
9cde2be727 Merge remote-tracking branch 'origin/master' into topic/dnthayer/doc-improvements-2.4 2015-05-25 11:59:34 -05:00
Jon Siwek
08822e0dd4 Allow '<' and '>' in MIME multipart boundaries. 
The spec doesn't actually seem to permit these, but Seth had a (private)
pcap showing them used in the wild (and the HTTP/MIME analyzer failed to
parse content as a result).
 2015-05-22 11:46:50 -05:00
Jon Siwek
c870fefbef Updating submodule(s). 
[nomail]
 2015-05-20 13:00:58 -05:00
Seth Hall
ea2ce67c5f Fixes an issue with missing zlib headers on deflated HTTP content. 
- Includes a test.
 2015-05-18 14:30:32 -04:00
Johanna Amann
8be8f2e725 update local-compat.test 2015-05-07 21:55:59 -07:00
Johanna Amann
456a78e204 Updating CHANGES and VERSION. 2015-05-07 20:32:20 -07:00
Johanna Amann
ae74f37696 Updating CHANGES and VERSION. 2015-05-07 13:57:03 -07:00
Robin Sommer
1e66c6718a Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Add /sbin to PATH in btest.cfg
 2015-05-06 09:58:30 -07:00
Daniel Thayer
f6248994e4 Add /sbin to PATH in btest.cfg 
Added /sbin to PATH so that a couple of tests that require ifconfig
are not skipped on systems (such as debian) which don't have /sbin
in PATH by default.

Also removed a duplicate default_path.
 2015-05-04 14:47:56 -05:00
Robin Sommer
190df47c4b Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Update usage output and list of cmd-line options
  A small fix to ssh/geo-data.bro. ssh can now be unset for local-local or remote-remote, so make the script deal with this.
 2015-05-04 09:58:57 -07:00
Daniel Thayer
26007f419e Update usage output and list of cmd-line options 2015-04-29 23:56:55 -05:00
Robin Sommer
31e75c8eac Baseline update. 2015-04-29 20:34:37 -07:00
Vlad Grigorescu
cb91a9c101 A small fix to ssh/geo-data.bro. ssh can now be unset for local-local or remote-remote, so make the script deal with this. 2015-04-29 20:57:40 -04:00
Robin Sommer
afdae31430 Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Update NEWS and code for removal of -O cmd-line option
 2015-04-29 17:02:59 -07:00
Robin Sommer
488acbb961 Merge remote-tracking branch 'origin/topic/seth/sip-fixes' 
* origin/topic/seth/sip-fixes:
  Improve SIP logging and remove reporter messages.

BIT-1391 #merged
 2015-04-29 17:02:23 -07:00
Daniel Thayer
1508b00489 Update NEWS and code for removal of -O cmd-line option 2015-04-28 16:33:33 -05:00
Seth Hall
651132b70c Improve SIP logging and remove reporter messages. 
- People were seeing some reporter messages where the
   SIP scripts were not handling things safely.

 - New fields to show {request|response}_{from|to}.

 - Fixed a case where logs could be over logged on accident (junk logs).
 2015-04-28 16:30:54 -04:00
Robin Sommer
501dc821bf Merge remote-tracking branch 'origin/topic/jsiwek/bit-1350' 
* origin/topic/jsiwek/bit-1350:
  BIT-1350: improve record coercion type checking.

BIT-1350 #merged
 2015-04-27 17:28:29 -07:00
Robin Sommer
8f95a38885 Merge remote-tracking branch 'origin/topic/jsiwek/bit-1384' 
* origin/topic/jsiwek/bit-1384:
  BIT-1384: Remove -O (optimize scripts) command-line option.

BIT-1384 #merged
 2015-04-27 17:26:12 -07:00
Robin Sommer
d0d8c7a03a Merge remote-tracking branch 'origin/fastpath' 
* origin/fastpath:
  Fix the -J/--set-seed cmd-line option
  Remove unused -l, -L, and -Z cmd-line options
  Fix the --time and --re-level cmd-line options
  Update NEWS with changes to Bro cmd-line options
  Minor corrections and clarifications to NEWS

Conflicts:
	NEWS
 2015-04-27 17:23:07 -07:00