Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/scripts/base
History
Johanna Amann 95f1565498 Match DPD TLS signature on one-sided connections. 
This commit changes DPD matching for TLS connections. A one-sided match
is enough to enable DPD now.

This commit also removes DPD for SSLv2 connections. SSLv2 connections do
basically no longer happen in the wild. SSLv2 is also really finnicky to
identify correctly - there is very little data required to match it, and
basically all matches today will be false positives. If DPD for SSLv2 is
still desired, the optional signature in policy/protocols/ssl/dpd-v2.sig
can be loaded.

Fixes GH-1952
2022-02-01 16:51:21 +00:00
..
files GH-1634: Address feedback 2021-07-02 15:12:58 +01:00
frameworks update uses of "when" in base scripts to include captures 2022-01-07 14:53:33 -08:00
misc Tweak find-filtered-trace to not flag traces if they have non-TCP 2020-09-25 11:29:44 +00:00
packet-protocols Fix ethertype for ARP in Geneve forwarding rules 2021-12-09 14:58:08 -07:00
protocols Match DPD TLS signature on one-sided connections. 2022-02-01 16:51:21 +00:00
utils update uses of "when" in base scripts to include captures 2022-01-07 14:53:33 -08:00
init-bare.zeek Add VXLAN packet analyzer, disable old analyzer 2021-11-23 19:36:50 -07:00
init-default.zeek Add backtrace() and print_backtrace() 2020-07-03 14:09:31 -07:00
init-frameworks-and-bifs.zeek GH-1122: Allow initializing globals with calls to subdir BIFs 2020-08-27 12:20:37 -07:00
init-supervisor.zeek Establish a separate init script when using the supervisor 2021-07-08 13:12:53 -07:00