Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 06:38:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 1
zeek/scripts/base/protocols
History
Johanna Amann 95f1565498 Match DPD TLS signature on one-sided connections. 
This commit changes DPD matching for TLS connections. A one-sided match
is enough to enable DPD now.

This commit also removes DPD for SSLv2 connections. SSLv2 connections do
basically no longer happen in the wild. SSLv2 is also really finnicky to
identify correctly - there is very little data required to match it, and
basically all matches today will be false positives. If DPD for SSLv2 is
still desired, the optional signature in policy/protocols/ssl/dpd-v2.sig
can be loaded.

Fixes GH-1952
2022-02-01 16:51:21 +00:00
..
conn Add analyzer_confirmation and analyzer_violation events 2021-11-23 19:36:50 -07:00
dce-rpc Remove trailing whitespace from script files 2021-10-20 09:57:09 -07:00
dhcp Remove trailing whitespace from script files 2021-10-20 09:57:09 -07:00
dnp3 Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
dns Remove trailing whitespace from script files 2021-10-20 09:57:09 -07:00
ftp Remove trailing whitespace from script files 2021-10-20 09:57:09 -07:00
http Switch to recording unmodified HTTP header. 2021-12-21 21:54:47 +01:00
imap Merge remote-tracking branch 'origin/topic/seth/zeek_init' 2019-04-19 11:24:29 -07:00
irc Remove trailing whitespace from script files 2021-10-20 09:57:09 -07:00
krb Remove trailing whitespace from script files 2021-10-20 09:57:09 -07:00
modbus Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
mqtt Disable MQTT by default 2019-08-05 17:04:39 -07:00
mysql Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
ntlm Remove trailing whitespace from script files 2021-10-20 09:57:09 -07:00
ntp &is_set => &is_assigned 2021-02-04 12:18:46 -08:00
pop3 Rename all scripts to have ".zeek" file extension 2019-04-11 21:12:40 -05:00
radius Remove trailing whitespace from script files 2021-10-20 09:57:09 -07:00
rdp Add analyzer_confirmation and analyzer_violation events 2021-11-23 19:36:50 -07:00
rfb Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
sip Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
smb Remove trailing whitespace from script files 2021-10-20 09:57:09 -07:00
smtp GH-1589: Avoid extracting IP-like strings from SMTP headers 2021-09-03 17:35:10 +00:00
snmp Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
socks Support for log filter policy hooks 2020-09-30 12:32:45 -07:00
ssh Add analyzer_confirmation and analyzer_violation events 2021-11-23 19:36:50 -07:00
ssl Match DPD TLS signature on one-sided connections. 2022-02-01 16:51:21 +00:00
syslog Remove trailing whitespace from script files 2021-10-20 09:57:09 -07:00
tunnels Add Teredo packet analyzer, disable old analyzer 2021-11-23 19:36:50 -07:00
xmpp Merge remote-tracking branch 'origin/topic/seth/zeek_init' 2019-04-19 11:24:29 -07:00