Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/testing/btest/Baseline/signatures.tcp-syn-with-payload/tcp-fast-open.out
Jon Siwek 9c4e44924f GH-664: fix signature matching for payload-carrying SYN packets 
Or more generally, signatures would not work correctly for any case
where the first TCP packet seen contained payload data, regardless of
its TCP flags.
2019-10-29 17:20:08 -07:00

1 line
136 B
Text
Raw Blame History

signature_match [orig_h=10.99.99.1, orig_p=55534/tcp, resp_h=10.99.99.45, resp_p=80/tcp] - payload of dst-port=80/tcp contains 'passwd'
Reference in a new issue View git blame Copy permalink