mirror of
https://github.com/zeek/zeek.git
synced 2025-10-03 23:28:20 +00:00
7e9d48f532
The broxygen-generated files now live in the git repo, have tests that check that they are up-to-date, and a script to re-generate them on-demand.
17 lines
501 B
ReStructuredText
17 lines
501 B
ReStructuredText
:orphan:
|
|
|
|
Package: policy/misc/detect-traceroute
|
|
======================================
|
|
|
|
Detect hosts that are running traceroute.
|
|
|
|
:doc:`/scripts/policy/misc/detect-traceroute/__load__.bro`
|
|
|
|
|
|
:doc:`/scripts/policy/misc/detect-traceroute/main.bro`
|
|
|
|
This script detects a large number of ICMP Time Exceeded messages heading
|
|
toward hosts that have sent low TTL packets. It generates a notice when the
|
|
number of ICMP Time Exceeded messages for a source-destination pair exceeds
|
|
a threshold.
|
|
|