zeek/scripts/base/protocols/ssh at c93b057a970bf1623c5a32901ea32f874aecb42f - Mirror/zeek

mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00

History

Aaron Eppert c93b057a97 (BIT-1545) Add "disable_analyzer_after_detection" en lieu of "skip_processing_after_detection" The default of "skip_processing_after_detection" is confusing and causes conn.log to not be written as one would assume, plus the counters are not incremented and thus some kinds of potential detections are short-changed. I propose adding "disable_analyzer_after_detection" which would react, on the surface, the same way by disabling the SSH analyzer, but allowing conn.log to be written appropriately.		2016-03-05 11:59:52 -05:00
..
__load__.bro	Merge remote-tracking branch 'origin/topic/vladg/ssh'	2015-03-25 11:04:26 -07:00
dpd.sig	Refactored the SSH analyzer. Added supported for algorithm detection and more key exchange message types.	2015-01-13 12:02:31 -05:00
main.bro	(BIT-1545) Add "disable_analyzer_after_detection" en lieu of "skip_processing_after_detection"	2016-03-05 11:59:52 -05:00
README	Add missing documentation on the "Bro Package Index" page	2015-06-02 10:00:00 -05:00

Support for SSH protocol analysis.