zeek/scripts/base/protocols at 5f0023b3b0b5aa605dd484207143be6d6e19fb07 - Mirror/zeek

mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00

History

Vlad Grigorescu 5f0023b3b0 DNS: Add support for SPF response records SPF response records are identical to TXT records in structure, and can be parsed and interpreted the same way. However, they have a different RR type, so they would generate weird events and not be parsed by Zeek before this change. Even though they're the same as TXT records from a protocol stance, I created a new event type (dns_SPF_reply), and call the records out as SPF in the logs, instead of as TXT records, since the distinction could be important for detection purposes. SPF records have been obsoleted, but continue to be seen in the wild.		2019-06-14 10:18:37 -05:00
..
conn	More bro-to-zeek renaming in scripts and other files	2019-05-16 02:36:41 -05:00
dce-rpc	Merge remote-tracking branch 'origin/topic/seth/zeek_init'	2019-04-19 11:24:29 -07:00
dhcp	Deprecate functions with "bro" in them.	2019-06-05 16:18:57 -07:00
dnp3	Merge remote-tracking branch 'origin/topic/seth/zeek_init'	2019-04-19 11:24:29 -07:00
dns	DNS: Add support for SPF response records	2019-06-14 10:18:37 -05:00
ftp	GH-234: rename Broxygen to Zeexygen along with roles/directives	2019-04-22 19:45:50 -07:00
http	GH-234: rename Broxygen to Zeexygen along with roles/directives	2019-04-22 19:45:50 -07:00
imap	Merge remote-tracking branch 'origin/topic/seth/zeek_init'	2019-04-19 11:24:29 -07:00
irc	Merge remote-tracking branch 'origin/topic/seth/zeek_init'	2019-04-19 11:24:29 -07:00
krb	Add missing &optional attr to KRB record fields	2019-05-16 08:52:04 -07:00
modbus	Merge remote-tracking branch 'origin/topic/seth/zeek_init'	2019-04-19 11:24:29 -07:00
mysql	Merge remote-tracking branch 'origin/topic/seth/zeek_init'	2019-04-19 11:24:29 -07:00
ntlm	Merge remote-tracking branch 'origin/topic/seth/zeek_init'	2019-04-19 11:24:29 -07:00
pop3	Rename all scripts to have ".zeek" file extension	2019-04-11 21:12:40 -05:00
radius	GH-209: replace "remote_ip" field of radius.log with "tunnel_client"	2019-06-05 11:11:49 -07:00
rdp	Merge remote-tracking branch 'origin/topic/vlad/rdp_bluekeep'	2019-05-29 09:48:31 -07:00
rfb	Merge remote-tracking branch 'origin/topic/seth/zeek_init'	2019-04-19 11:24:29 -07:00
sip	Merge remote-tracking branch 'origin/topic/seth/zeek_init'	2019-04-19 11:24:29 -07:00
smb	Merge remote-tracking branch 'origin/topic/seth/zeek_init'	2019-04-19 11:24:29 -07:00
smtp	Merge remote-tracking branch 'origin/topic/seth/zeek_init'	2019-04-19 11:24:29 -07:00
snmp	Merge remote-tracking branch 'origin/topic/seth/zeek_init'	2019-04-19 11:24:29 -07:00
socks	Merge remote-tracking branch 'origin/topic/seth/zeek_init'	2019-04-19 11:24:29 -07:00
ssh	GH-234: rename Broxygen to Zeexygen along with roles/directives	2019-04-22 19:45:50 -07:00
ssl	update SSL consts from TLS 1.3	2019-04-22 22:57:45 +02:00
syslog	Merge remote-tracking branch 'origin/topic/seth/zeek_init'	2019-04-19 11:24:29 -07:00
tunnels	Rename all scripts to have ".zeek" file extension	2019-04-11 21:12:40 -05:00
xmpp	Merge remote-tracking branch 'origin/topic/seth/zeek_init'	2019-04-19 11:24:29 -07:00