zeek/scripts/base/protocols
Seth Hall 003b32f904 Fixes to DCE_RPC analysis
 - Previously there was an (incorrect) assumption that a TCP connection
   would only ever have one DCE_RPC binding.  That assumption was
   incorrect and with named pipes over SMB there can be multiple
   concurrent DCE_RPC bindings.  This commit fixes that assumption by
   dynamically creating a new DCE_RPC analyzer whenever a new, unknown
   binding is created.
 - There is a crash fix in how string handling in the bind_ack message
   was done.
 - Named pipe handling over SMB1 is still not working quite right
   and problems will show up with multiplexed DCE_RPC bindings.
2016-04-06 12:37:09 -04:00
..
conn Update documentation for RSTR. 2016-03-01 14:08:58 -08:00
dce-rpc Fixes to DCE_RPC analysis 2016-04-06 12:37:09 -04:00
dhcp Allow logging filters to inherit default path from stream. 2015-03-19 14:49:55 -05:00
dnp3 Allow logging filters to inherit default path from stream. 2015-03-19 14:49:55 -05:00
dns Merge remote-tracking branch 'origin/topic/jsiwek/bit-1324' 2015-03-23 10:35:30 -07:00
ftp Files transferred over FTP were showing incorrect sizes. 2016-03-11 12:56:28 -05:00
http Merge branch 'patch-3' of https://github.com/aeppert/bro 2016-01-15 10:35:57 -08:00
irc File API updates complete. 2015-04-20 10:46:48 -04:00
krb Add missing documentation on the "Bro Package Index" page 2015-06-02 10:00:00 -05:00
modbus Allow logging filters to inherit default path from stream. 2015-03-19 14:49:55 -05:00
mysql Add missing documentation on the "Bro Package Index" page 2015-06-02 10:00:00 -05:00
ntlm Complete breakout of SMB, GSSAPI, and NTLM 2016-04-03 04:17:20 -04:00
pop3 Add README files for base/protocols 2013-10-17 12:47:32 -05:00
radius Add missing documentation on the "Bro Package Index" page 2015-06-02 10:00:00 -05:00
rdp Add missing documentation on the "Bro Package Index" page 2015-06-02 10:00:00 -05:00
sip Subscribe is a valid message per RFC 3265 2016-03-01 14:00:11 -08:00
smb Move some of the last DCE_RPC scripts out of SMB scripts. 2016-04-03 15:48:47 -04:00
smtp SMTP logs include CC: addresses [BIT-1429] 2015-07-26 22:08:43 +03:00
snmp Allow logging filters to inherit default path from stream. 2015-03-19 14:49:55 -05:00
socks Allow logging filters to inherit default path from stream. 2015-03-19 14:49:55 -05:00
ssh Merge branch 'patch-4' of https://github.com/aeppert/bro 2016-03-07 13:39:28 -08:00
ssl Update TLS constants and extensions from IANA. 2016-03-18 11:23:44 -07:00
syslog Allow logging filters to inherit default path from stream. 2015-03-19 14:49:55 -05:00
tunnels Make Teredo DPD signature more precise. 2015-08-12 17:16:09 -07:00