zeek/scripts/base
Arne Welzel 3dae8ab086 smb2: Raise smb2_file_delete for CREATE with FILE_DELETE_ON_CLOSE
When a CREATE request contains the FILE_DELETE_ON_CLOSE option and
the subsequent CREATE response indicates success, we now raise the
smb2_file_delete event to log a delete action in smb_files.log and
also give users a way to handle this scenario.

The provided pcap was generated locally by recording a smbtorture run
of the smb2.delete-on-close-perms test case.

Placed the create_options into the CmdInfo record for potential
exposure in smb_cmd.log (wasn't sure how that would look so left it
for the future).

Fixes #2276.
2022-07-16 17:14:13 +02:00
files GH-1634: Address feedback 2021-07-02 15:12:58 +01:00
frameworks Merge remote-tracking branch 'origin/topic/awelzel/2120-logdir-leftover' 2022-07-07 08:06:13 +02:00
misc annotate base scripts with &is_used as needed 2022-05-26 17:39:17 -07:00
packet-protocols Fix ethertype for ARP in Geneve forwarding rules 2021-12-09 14:58:08 -07:00
protocols smb2: Raise smb2_file_delete for CREATE with FILE_DELETE_ON_CLOSE 2022-07-16 17:14:13 +02:00
utils Expand build_path() function to handle empty dir arguments gracefully 2022-05-19 09:45:52 -07:00
init-bare.zeek Remove deprecated MemoryAllocation() methods and related code 2022-06-30 18:56:52 +00:00
init-default.zeek Add base/misc/installation.zeek, with Zeek installation directories 2022-05-23 14:16:59 -07:00
init-frameworks-and-bifs.zeek GH-1122: Allow initializing globals with calls to subdir BIFs 2020-08-27 12:20:37 -07:00
init-supervisor.zeek Establish a separate init script when using the supervisor 2021-07-08 13:12:53 -07:00