Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-03 15:18:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/scripts/base
History
Seth Hall 003b32f904 Fixes to DCE_RPC analysis 
- Previously there was an (incorrect) assumption that a TCP conneciton
   would only ever have one DCE_RPC binding.  That assumption was
   incorrect and with named pipes over SMB there can be multiple
   concurrent DCE_RPC bindings.  This commit fixes that assumption by
   dynamically creating a new DCE_RPC analyzer whenever a new, unknown
   binding is created.
 - There is a crash fix in how string handling in the bind_ack message
   was done.
 - Named pipe handling over SMB1 is still not working quite right
   and problems will show up with multiplexed DCE_RPC bindings.
2016-04-06 12:37:09 -04:00
..
files Add missing documentation on the "Bro Package Index" page 2015-06-02 10:00:00 -05:00
frameworks Fix mime type identification for Windows LNK files. 2016-04-04 15:20:03 -04:00
misc BIT-1366: improve checksum offloading warning. 2015-04-02 10:12:39 -05:00
protocols Fixes to DCE_RPC analysis 2016-04-06 12:37:09 -04:00
utils Merge remote-tracking branch 'origin/topic/johanna/netcontrol' 2016-03-11 14:29:23 -08:00
init-bare.bro Fix a small bug with scriptland data types that led to a crash. 2016-04-04 15:07:01 -04:00
init-default.bro Complete breakout of SMB, GSSAPI, and NTLM 2016-04-03 04:17:20 -04:00