Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/scripts/base
History
Arne Welzel 3ac877e20d scripts/smb2-main: Reset script-level state upon smb2_discarded_messages_state() 
This is similar to what the external corelight/zeek-smb-clear-state script
does, but leverages the smb2_discarded_messages_state() event instead of
regularly checking on the state of SMB connections.

The pcap was created using the dperson/samba container image and mounting
a share with Linux's CIFS filesystem, then copying the content of a
directory with 100 files. The test uses a BPF filter to imitate mostly
"half-duplex" traffic.
2023-05-03 11:22:01 +02:00
..
files Spelling fixes: scripts 2022-11-02 17:36:39 -04:00
frameworks scripts/smb2-main: Reset script-level state upon smb2_discarded_messages_state() 2023-05-03 11:22:01 +02:00
misc annotate base scripts with &is_used as needed 2022-05-26 17:39:17 -07:00
packet-protocols Add forwarding from VLAN analyzer into LLC, SNAP, and Novell 802.3 analyzers 2023-04-25 12:29:55 -07:00
protocols scripts/smb2-main: Reset script-level state upon smb2_discarded_messages_state() 2023-05-03 11:22:01 +02:00
utils Treat private address space as site-local by default 2023-03-15 17:01:00 -07:00
init-bare.zeek smb2: Limit per-connection read/ioctl/tree state 2023-05-03 10:58:59 +02:00
init-default.zeek Provide infrastructure to migrate legacy analyzers to Spicy. 2023-02-01 11:33:48 +01:00
init-frameworks-and-bifs.zeek analyzer: Add analyzer.log for logging violations/confirmations 2023-01-09 18:11:49 +01:00
init-supervisor.zeek Establish a separate init script when using the supervisor 2021-07-08 13:12:53 -07:00