Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
No description
127 commits 387 branches 195 tags 255 MiB
Find a file
Gregor Maier 763a446182 Some small tweaks to the HTTP analyzer 
From ticket #339 http://tracker.icir.org/bro/ticket/339 :

* Fixing a couple of minor issues in the HTTP analyzer, that made the
  analyzer raise a ProtocolViolation() on strange but seemingly legal
  HTTP traffic. Well, the traffic might not necessarily be adhering the
  RFC, but the server has understood it.

* Also stops parsing when the message is interrupted to prevent further
  parsing and ProtocolViolation() generation.

* skip_http_entity_data: check return value of  FindAnalyzer, since it
  can be NULL

In addition:
* http-headers.bro now loads http.bro

Testsuite changes:
* Added a new weird (empty_http_request). This shows up once in the medium
  testsuite.
* no change when running short testsuite
2010-12-13 19:11:05 -08:00
aux Update submodules 2010-12-10 01:44:25 -08:00
cmake Removed some unset()'s that were missed 2010-11-30 15:17:49 -06:00
doc Cleanup of the Bro distribution. 2010-11-26 13:45:54 -08:00
policy Some small tweaks to the HTTP analyzer 2010-12-13 19:11:05 -08:00
src Some small tweaks to the HTTP analyzer 2010-12-13 19:11:05 -08:00
testing Initial import of svn+ssh:://svn.icir.org/bro/trunk/bro as of r7088 2010-09-27 20:42:30 -07:00
.gitignore New Makefile wrapper in top-level directory. 2010-11-26 15:31:00 -08:00
.gitmodules Allow building auxilliary projects along with Bro. 2010-11-17 20:38:35 -06:00
bro-path-dev.in Setting executable bit for bro-dev-path.in. 2010-12-09 02:51:11 -08:00
CHANGES Merge with Subversion repository as of r7137. Incorporated change: 2010-12-08 04:10:26 -08:00
Checklist-for-Release Cleanup of the Bro distribution. 2010-11-26 13:45:54 -08:00
CMakeLists.txt Changes to make running bro from build dir easier. 2010-12-06 11:30:52 -06:00
config.h.in Removed unused configure checks (leftover from autotools). 2010-11-17 20:38:34 -06:00
configure Allow CMake generators to pass through configure 2010-12-02 14:23:20 -06:00
COPYING Cleanup of the Bro distribution. 2010-11-26 13:45:54 -08:00
INSTALL Changes to make running bro from build dir easier. 2010-12-06 11:30:52 -06:00
Makefile New Makefile wrapper in top-level directory. 2010-11-26 15:31:00 -08:00
README Cleanup of the Bro distribution. 2010-11-26 13:45:54 -08:00
VERSION Merge with Subversion repository as of r7137. Incorporated change: 2010-12-08 04:10:26 -08:00

README 

This is release 1.6 of Bro, a system for detecting network intruders in
real-time using passive network monitoring.

Please see the file INSTALL for installation instructions and
pointers for getting started. For more documentation, see the
documentation on Bro's home page:

    http://www.bro-ids.org/docs

The main parts of Bro's documentation are also available in the doc/
directory of the distribution. (Please note that the documentation
is still a work in progress; there will be more in future releases.)

Numerous other Bro-related publications, including a paper describing the
system, can be found at

    http://www.bro-ids.org/publications.html

Send comments, etc., to the Bro mailing list, bro@bro-ids.org.
However, please note that you must first subscribe to the list in
order to be able to post to it.

- Vern Paxson & Robin Sommer, on behalf of the Bro development team

Lawrence Berkeley National Laboratory
University of California, Berkeley  USA

ICSI Center for Internet Research (ICIR)
International Computer Science Institute
Berkeley, CA  USA
vern@icir.org / robin@icir.org