Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-15 04:58:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
zeek/testing/btest/Traces
History
Johanna Amann 0cd0ffed13 SSL: update dpd signature for TLS1.3 
The dpd signature missed a few cases that are used for TLS 1.3,
especially when draft versions (which are all that we are seeing at the
moment) are being negotiated.

This fix mostly allows draft versions in the server hello (identified by
7F[version]; since we do not know how many drafts there will be, we are
currently allowing a rather safe upper limit.
2017-04-05 08:58:08 -07:00
..
chksums Change ICMPv6 checksum calculation to use IP_Hdr wrapper. 2012-04-10 11:37:08 -05:00
dce-rpc Add a DCE-RPC test. 2016-07-07 14:17:25 -04:00
dhcp DHCP: Adding unit tests. 2013-07-31 17:30:56 -04:00
dnp3 Change snaplens of a few more tests. 2017-02-03 14:10:11 -08:00
ftp Fixing FTP cwd getting overlue long. 2016-05-29 08:52:47 -07:00
http Additional test specifically for the HTTP filename handling. 2016-06-15 01:56:07 -04:00
icmp BIT-342: add "icmp_sent_payload" event. 2015-03-18 16:16:24 -05:00
ipv4 A set of tests exercising IP defragmentation and TCP reassembly. 2015-07-03 08:40:22 -07:00
krb Update the KRB tests a bit. 2015-04-21 12:27:14 -04:00
mobile-ipv6 Add support for mobile IPv6 Mobility Header (RFC 6275). 2012-04-09 14:39:00 -05:00
modbus Merge remote-tracking branch 'origin/topic/robin/modbus-events-merge' 2014-07-22 17:34:11 -07:00
mysql Add a btest for the Wireshark sample MySQL PCAP 2014-08-08 15:02:18 -05:00
pe Add a PE memleak test, and fix a memleak. 2015-04-19 20:22:42 -04:00
radius Rework the RADIUS base script. 2017-02-20 00:07:14 -05:00
rdp Huge updates to the RDP analyzer from Josh Liburdi. 2015-03-04 13:12:03 -05:00
rfb Analyzer and bro script for RFB protocol (VNC) 2016-04-11 10:35:00 +02:00
sip Add SIP btests. 2015-04-19 22:25:37 -04:00
smb Including a test for raw NTLM in SMB 2016-10-26 10:41:08 -04:00
snmp Correct endianness of IP addresses in SNMP. 2016-07-26 15:02:11 -07:00
ssh Updates related to SSH analysis. 2015-03-30 11:30:48 -05:00
tcp Change snaplen of test trace from 1,000,000 to 10,000 2017-01-31 13:10:36 -08:00
tls SSL: update dpd signature for TLS1.3 2017-04-05 08:58:08 -07:00
trunc Add a number of out_of_bound checks to Packet.cc 2015-08-31 13:09:18 -07:00
tunnels BIT-867 - Support GRE tunnel decapsulation. 2014-01-16 16:03:04 -06:00
arp-who-has.pcap ARP: remove unnecessary variables and add testcase 2016-04-27 06:51:04 -07:00
conn-size.trace Merge of Gregor's conn-size branch. 2011-05-09 17:14:31 -07:00
dns-caa.pcap Add DNS tests for huge TLL and CAA 2016-04-25 15:43:20 -07:00
dns-dnskey.trace Adding a trace with a DNSKEY RR. 2013-07-29 14:08:33 -07:00
dns-huge-ttl.pcap Change snaplens of a few more tests. 2017-02-03 14:10:11 -08:00
dns-inverse-query.trace Change dns.log to include only standard DNS queries. 2014-01-28 13:56:22 -06:00
dns-tsig.trace Fix possible buffer over-read in DNS TSIG parsing 2014-09-02 14:22:26 -05:00
dns-two-responses.trace Fixing a dns reporter message in master. 2013-07-18 09:24:22 -04:00
dns-txt-multiple.trace Merge remote-tracking branch 'origin/topic/jsiwek/bit-1156' 2014-04-24 16:36:47 -07:00
dns-zero-RRs.trace Fix for DNS log problem when a DNS response is seen with 0 RRs. 2012-10-05 13:48:49 -04:00
dns53.pcap BIT-788: use DNS QR field to better identify flow direction. 2015-03-19 11:53:40 -05:00
empty.trace Porting the istate tests to btest. 2011-03-29 21:46:06 -07:00
erspan.trace Implement ERSPAN support. 2017-02-03 12:29:22 -08:00
globus-url-copy.trace Add an example of a GridFTP data channel detection script. 2012-10-01 12:32:24 -05:00
icmp_dot1q.trace Refactor to make bro use a common Packet object. 2015-05-29 10:37:39 -04:00
ip6_esp.trace Fix ipv6_ext_headers event and add routing0_data_to_addrs BIF. 2012-03-14 10:31:08 -05:00
ipv6-fragmented-dns.trace Add unit test for IPv6 fragment reassembly. 2012-03-12 15:26:51 -05:00
ipv6-hbh-routing0.trace Improve handling of IPv6 routing type 0 extension headers. 2012-03-27 16:05:45 -05:00
ipv6-http-atomic-frag.trace Fix handling of IPv6 atomic fragments. 2012-04-04 15:27:43 -05:00
ipv6_zero_len_ah.trace Fix construction of ip6_ah (Authentication Header) record values. 2012-09-18 16:52:12 -05:00
irc-basic.trace Merge branch 'master' of https://github.com/marktayl/bro 2016-02-08 13:02:09 -08:00
irc-dcc-send.trace Add IRC unit tests. 2011-07-20 14:49:20 -05:00
irc-whitespace.trace Merge branch 'master' of https://github.com/marktayl/bro 2016-02-12 18:55:25 -08:00
llc.pcap Merge branch 'topic/jgras/mac-logging' of https://github.com/J-Gras/bro 2016-06-06 17:59:34 -07:00
mixed-vlan-mpls.trace Support for (mixed) MPLS and VLAN traffic, and a new default BPF 2011-04-29 09:10:43 -07:00
mpls-in-vlan.trace Support for MPLS over VLAN. 2014-02-14 12:07:24 -08:00
negative-time.pcap Ignoring packets with negative timestamps. 2016-05-23 13:22:22 -07:00
nmap-vsn.trace Added a document for the SumStats framework. 2013-11-06 13:52:29 -05:00
ntp.pcap Fix a couple of problems with signature matching. 2016-10-19 14:23:43 -07:00
port4242.trace Checkpointing the dynamic plugin code. 2013-11-26 14:04:29 -08:00
pppoe.trace Adding a test for PPPoE support. 2012-10-24 01:05:01 -04:00
q-in-q.trace Add support for 802.1ah (Q-in-Q). 2013-03-22 12:38:43 -04:00
radiotap.pcap Improved Radiotap support and a test. 2016-01-19 04:10:44 -05:00
raw_packets.trace Refactor to make bro use a common Packet object. 2015-05-29 10:37:39 -04:00
rotation.trace Moving trace for rotation test into traces directory. 2012-05-16 18:28:51 -07:00
smtp-multi-addr.pcap Added test-case for intel framework matching email 2015-12-16 14:51:02 +01:00
smtp-one-side-only.trace Fixing SMTP state tracking. 2014-06-10 18:01:38 -07:00
smtp.trace Appended smtp.trace with CC: header baseline test 2015-07-26 22:48:31 +03:00
socks-auth.pcap Update the SOCKS analyzer to support user/pass login. 2015-02-05 12:44:10 -05:00
socks-with-ssl.trace Updates for the SOCKS analyzer. 2012-06-20 13:58:25 -04:00
socks.trace Updates for the SOCKS analyzer. 2012-06-20 13:58:25 -04:00
syslog-single-udp.trace Porting syslog analyzer as another example. 2013-04-05 13:13:30 -07:00
udp-signature-test.pcap BIT-844: fix UDP payload signatures to match packet-wise 2015-04-06 15:22:26 -05:00
var-services-std-ports.trace Update/improve known-services test. 2011-06-24 11:18:25 -05:00
web.trace Porting the istate tests to btest. 2011-03-29 21:46:06 -07:00
wikipedia.trace Fixing checksums in test trace because Bro now reports them. :-) 2012-12-14 14:48:16 -08:00
workshop_2011_browse.trace Basic cross-referencing UIDs between files, btests, and baselines. 2013-05-07 13:33:38 -04:00
www-odd-url.trace Bugfix for log writer. 2011-09-11 21:33:09 -07:00