Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-16 21:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/scripts/base
History
Jon Siwek 6f346c8406 Add Teredo analysis option to reduce false positive decapsulation. 
The Tunnel::yielding_teredo_decapsulation (on by default) makes it so
the Teredo analyzer doesn't attempt to decapsulate payloads when
there's already a sibling analyzer that thinks it's parsing the right
protocol.  Sometimes, UDP payloads just happen to look like they are
validly Teredo-encapsulated and doing further analysis on the
decapsulated packet can quickly turn into a weird; this change helps
reduce such weirds.
2012-06-07 13:01:10 -05:00
..
frameworks Merge branch 'master' into topic/tunnels 2012-06-06 14:53:57 -05:00
misc Hopefully the last major script reorganization. 2011-08-05 23:09:53 -04:00
protocols Merge branch 'master' into topic/tunnels 2012-06-06 14:53:57 -05:00
utils Add support to Bro for connecting with peers over IPv6. 2012-05-09 15:08:36 -05:00
init-bare.bro Add Teredo analysis option to reduce false positive decapsulation. 2012-06-07 13:01:10 -05:00
init-default.bro Return of Robin's old SOCKS analyzer/decapsulator and tunnel code checkpoint. 2012-04-21 23:50:09 -04:00