zeek/testing
Jon Siwek 68aead024a Add an example of a GridFTP data channel detection script.
It relies on the heuristics that GridFTP data channels commonly default to
SSL mutual authentication with a NULL bulk cipher and that they usually
transfer large datasets (default threshold of script is 1 GB).  The
script also defaults to skip_further_processing() after detection to try
to save cycles analyzing the large, benign connection.

Also added a script in base/protocols/conn/polling that generalizes the
process of polling a connection for interesting features.  The GridFTP
data channel detection script depends on it to monitor bytes
transferred.
2012-10-01 12:32:24 -05:00
..
btest Add an example of a GridFTP data channel detection script. 2012-10-01 12:32:24 -05:00
external Tweaking logs-to-elasticsearch.bro so that it doesn't do anything if 2012-07-28 11:21:20 -07:00
scripts Fix mime type diff canonifier to also skip mime_desc columns 2012-08-17 15:22:51 -05:00
.gitignore Test coverage integration for external tests and complete suite. 2012-01-12 11:58:13 -06:00
Makefile Make tests even quieter. 2012-05-24 17:33:02 -07:00
README Cleaning up some testing stuff. 2011-07-05 18:47:08 -07:00

This directory contains test suites for verifying Bro's correct
operation:

    btest/
        An ever-growing set of small unit tests testing Bro's
        functionality.

    external/
        A framework for downloading additional test sets that run more
        complex Bro configurations on larger trace files. Due to their
        size, these are not included directly. See the README for more
        information.

    scripts/
        Helper scripts used by some tests.