Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-14 20:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
No description
6464 commits 388 branches 197 tags 279 MiB
Find a file
Seth Hall 003b32f904 Fixes to DCE_RPC analysis 
- Previously there was an (incorrect) assumption that a TCP conneciton
   would only ever have one DCE_RPC binding.  That assumption was
   incorrect and with named pipes over SMB there can be multiple
   concurrent DCE_RPC bindings.  This commit fixes that assumption by
   dynamically creating a new DCE_RPC analyzer whenever a new, unknown
   binding is created.
 - There is a crash fix in how string handling in the bind_ack message
   was done.
 - Named pipe handling over SMB1 is still not working quite right
   and problems will show up with multiplexed DCE_RPC bindings.
2016-04-06 12:37:09 -04:00
aux Updating submodule(s). 2016-03-21 11:59:41 -07:00
cmake@537e45afe1 Updating submodule(s). 2016-03-11 15:26:16 -08:00
doc Merge remote-tracking branch 'origin/topic/johanna/freebsd9' 2016-03-03 21:34:41 -08:00
man Update bro man page 2015-05-31 23:04:30 -05:00
pkg BIT-1371: remove CMake version check from binary package scripts. 2015-04-06 16:04:14 -05:00
scripts Fixes to DCE_RPC analysis 2016-04-06 12:37:09 -04:00
src Fixes to DCE_RPC analysis 2016-04-06 12:37:09 -04:00
testing Fixing a test baseline (more stuff working right!) 2016-04-03 15:49:02 -04:00
.gitignore Ignore tmp dir. 2011-10-25 19:59:25 -07:00
.gitmodules Add support for building/linking broker within bro 2015-01-08 16:43:07 -06:00
bro-config.h.in Removing pcap options for AF_PACKET support. 2015-10-23 15:06:02 -07:00
bro-path-dev.in Flesh out Broxygen doc-gathering skeleton. 2013-10-22 14:45:47 -05:00
CHANGES Only load openflow/netcontrol if compiled with broker. 2016-03-24 13:39:34 -07:00
CMakeLists.txt update cmake OpenSSL checks 2016-02-23 14:47:55 -08:00
configure Adapt to recent change in CAF CMake script 2016-03-21 19:02:25 -07:00
COPYING Fixing tiny thing in NEWS. 2015-06-09 07:01:06 -07:00
INSTALL Make INSTALL a symlink to doc/install/install.rst 2015-03-13 15:45:20 -05:00
Makefile Splitting test-all target into Bro tests and test-aux. 2015-03-17 15:57:28 -07:00
NEWS Update NEWS 2016-03-18 12:33:59 -07:00
README Updating README with download/git information. 2013-10-25 15:06:13 -07:00
README.rst Add README.rst -> README symlink. Addresses BIT-1413 2015-09-10 15:22:13 -05:00
VERSION Only load openflow/netcontrol if compiled with broker. 2016-03-24 13:39:34 -07:00

README 

============================
Bro Network Security Monitor
============================

Bro is a powerful framework for network analysis and security
monitoring. Please see the INSTALL file for installation instructions
and pointers for getting started. NEWS contains release notes for the
current version, and CHANGES has the complete history of changes.
Please see COPYING for licensing information.

You can download source and binary releases on:

    http://www.bro.org/download

To get the current development version, clone our master git
repository:

    git clone --recursive git://git.bro.org/bro

For more documentation, research publications, and community contact
information, please see Bro's home page:

    http://www.bro.org


On behalf of the Bro Development Team,

Vern Paxson & Robin Sommer,
International Computer Science Institute &
Lawrence Berkeley National Laboratory
vern@icir.org / robin@icir.org