zeek/testing/btest/scripts/base/protocols
Emmanuele Zambon 05d92dc2a5 Prevent non-Modbus on port 502 to be reported as Modbus
This commit prevents most non-Modbus TCP traffic on port 502 to be
reported as Modbus in conn.log as well as in modbus.log.
To do so, we have introduced two &enforce checks in the Modbus
protocol definition that check that some specific fields of the
(supposedly) Modbus header are compatible with values specified in
the specs.

To ensure non-regression, with this commit we also introduce a
new btest.

Closes #3962
2024-10-21 14:40:45 +02:00
..
arp Initial implementation of Lower-Level analyzers 2020-09-23 11:13:25 -07:00
bittorrent Adding test for BitTorrent tracker. 2021-12-21 17:48:26 +01:00
conn GH-1252: rename files with colons for Windows compatibility 2020-11-04 10:29:52 -08:00
dce-rpc dce-rpc: Test cases for unbounded state growth 2023-06-30 15:14:35 +02:00
dhcp dhcp: Handle is_orig=T for connections from server to 255.255.255.255 2023-08-28 12:15:55 +02:00
dnp3 General btest cleanup 2020-08-11 11:26:22 -07:00
dns Add weird for unhandled opcodes in DNS analyzer 2024-09-04 13:01:24 -07:00
finger Provide infrastructure to migrate legacy analyzers to Spicy. 2023-02-01 11:33:48 +01:00
ftp Merge branch 'pr/3946' 2024-09-27 16:52:44 +02:00
http http: fix password capture when enabled 2024-08-28 21:44:39 +02:00
icmp Remove deprecated ICMP events 2021-01-27 10:52:40 -07:00
imap Remove @load base/frameworks/dpd from tests 2022-08-31 17:00:55 +02:00
irc Add irc_dcc_send_ack event and fix missing fields 2023-04-24 07:29:51 +00:00
krb krb/smb2_krb_nokeytab: Register get_file_handle() to avoid warnings 2023-02-06 18:09:11 +01:00
ldap btest/ldap: Add regression test for #3919 2024-09-06 19:16:49 +02:00
modbus Prevent non-Modbus on port 502 to be reported as Modbus 2024-10-21 14:40:45 +02:00
mount GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev. 2019-05-01 21:43:45 +00:00
mqtt Remove full scripts marked as 6.1 deprecations 2023-06-14 10:07:22 -07:00
mysql mysql: Implement and test COM_CHANGE_USER 2024-08-14 10:20:01 +02:00
ncp General btest cleanup 2020-08-11 11:26:22 -07:00
nfs GH-239: Rename bro to zeek, bro-config to zeek-config, and bro-path-dev to zeek-path-dev. 2019-05-01 21:43:45 +00:00
ntp NTP: Detect out-of-order packets 2023-05-04 19:44:02 +02:00
pop3 POP3: Rework unbounded pending command fix 2024-10-04 12:45:59 -07:00
portmap GH-684: Fix parsing of RPC calls with non-AUTH_UNIX flavors 2019-11-13 13:14:14 -08:00
postgresql postgresql: Initial parser implementation 2024-09-06 16:10:48 +02:00
quic Bump Spicy to current main. 2024-01-29 09:59:46 +01:00
radius Convert pcapng test suite files to pcap format 2019-11-08 13:08:06 -08:00
rdp RDP: add some enforcement to required values based on MS-RDPBCGR docs 2023-03-24 10:33:21 -07:00
rfb regularize test suite names to avoid custom/outdated suffices 2022-05-12 13:32:49 -07:00
sip GH-1507: Tolerate junk data before SIP requests 2021-04-14 15:34:07 -07:00
smb Fix handling of zero-length SMB2 error responses 2024-07-24 12:44:46 -07:00
smtp btest/smtp/bdat: Move tests into proper directory 2024-01-23 21:49:50 +01:00
snap Add basic LLC, SNAP, and Novell 802.3 packet analyzers 2023-04-25 12:29:54 -07:00
snmp General btest cleanup 2020-08-11 11:26:22 -07:00
socks socks/dpd: Fix socks5_server side signature 2023-06-05 13:54:47 +02:00
ssh ssh: Revert half-duplex robustness 2024-06-19 16:04:51 +02:00
ssl Spicy SSL analyzer - address feedback 2024-09-11 11:30:16 +02:00
syslog General btest cleanup 2020-08-11 11:26:22 -07:00
tcp Add testcase for TCP segment offloading. 2021-11-23 12:37:55 +00:00
websocket websocket: Add Spicy parser version, too. 2024-02-06 17:29:55 +01:00
xmpp Remove @load base/frameworks/dpd from tests 2022-08-31 17:00:55 +02:00