Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-16 13:38:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/doc/traces
History
Tim Wojtulewicz adce4e604a Copy docs into Zeek repo directly 
This is based on commit 99e6942efec5feff50523f6b2a1f5868f19ab638 from the
zeek-docs repo.
2025-10-13 11:06:48 -07:00
..
20171220_smb_at_schedule.pcap Copy docs into Zeek repo directly 2025-10-13 11:06:48 -07:00
get.trace Copy docs into Zeek repo directly 2025-10-13 11:06:48 -07:00
quickstart.pcap Copy docs into Zeek repo directly 2025-10-13 11:06:48 -07:00
README Copy docs into Zeek repo directly 2025-10-13 11:06:48 -07:00

README 

Traces used in the examples of the docs.

* tm1t.pcap

  ?

* 20171220_smb_at_schedule.pcap

  References:

  https://redmine.openinfosecfoundation.org/issues/3109
  https://github.com/tianyulab/Hunting_lateral_movement/blob/master/20171220_smb_at_schedule.pcap

  SHA1:

  b5c5329536c7add1267cbbc50ac1436387c0b773

* get.trace

  That's the zeek/testing/btest/Traces/http/get.trace one.

* quickstart.pcap

  From curl commands:

  curl -X GET http://zeek.org
  curl -X WEIRD http://zeek.org