Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/scripts/base
History
Vlad Grigorescu 5f0023b3b0 DNS: Add support for SPF response records 
SPF response records are identical to TXT records in structure, and
can be parsed and interpreted the same way. However, they have a
different RR type, so they would generate weird events and not be
parsed by Zeek before this change.

Even though they're the same as TXT records from a protocol stance, I
created a new event type (dns_SPF_reply), and call the records out as
SPF in the logs, instead of as TXT records, since the distinction
could be important for detection purposes.

SPF records have been obsoleted, but continue to be seen in the wild.
2019-06-14 10:18:37 -05:00
..
files GH-379: move catch-and-release and unified2 scripts to policy/ 2019-06-05 13:33:45 -07:00
frameworks Deprecate functions with "bro" in them. 2019-06-05 16:18:57 -07:00
misc Deprecate functions with "bro" in them. 2019-06-05 16:18:57 -07:00
protocols DNS: Add support for SPF response records 2019-06-14 10:18:37 -05:00
utils More bro-to-zeek renaming in scripts and other files 2019-05-16 02:36:41 -05:00
init-bare.zeek Merge remote-tracking branch 'origin/master' into topic/johanna/tls13-details 2019-06-07 16:52:38 +10:00
init-default.zeek GH-379: move catch-and-release and unified2 scripts to policy/ 2019-06-05 13:33:45 -07:00
init-frameworks-and-bifs.zeek Rename all scripts to have ".zeek" file extension 2019-04-11 21:12:40 -05:00