Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/scripts/base/protocols/smb
History
Arne Welzel 3ac877e20d scripts/smb2-main: Reset script-level state upon smb2_discarded_messages_state() 
This is similar to what the external corelight/zeek-smb-clear-state script
does, but leverages the smb2_discarded_messages_state() event instead of
regularly checking on the state of SMB connections.

The pcap was created using the dperson/samba container image and mounting
a share with Linux's CIFS filesystem, then copying the content of a
directory with 100 files. The test uses a BPF filter to imitate mostly
"half-duplex" traffic.
2023-05-03 11:22:01 +02:00
..
__load__.zeek Rename all scripts to have ".zeek" file extension 2019-04-11 21:12:40 -05:00
const-dos-error.zeek Rename all scripts to have ".zeek" file extension 2019-04-11 21:12:40 -05:00
const-nt-status.zeek Rename all scripts to have ".zeek" file extension 2019-04-11 21:12:40 -05:00
consts.zeek fix for ill-formed (complex) &default function 2022-03-31 19:31:21 -07:00
dpd.sig Enable SMB by default by moving scripts from policy/ to base/ 2018-08-16 17:23:28 -05:00
files.zeek scripts: Migrate table iteration to blank identifiers 2022-10-24 10:36:09 +02:00
main.zeek scripts/smb2-main: Reset script-level state upon smb2_discarded_messages_state() 2023-05-03 11:22:01 +02:00
README Enable SMB by default by moving scripts from policy/ to base/ 2018-08-16 17:23:28 -05:00
smb1-main.zeek smb1: Prevent accessing uninitialized referenced_tree 2023-01-27 19:22:13 +01:00
smb2-main.zeek scripts/smb2-main: Reset script-level state upon smb2_discarded_messages_state() 2023-05-03 11:22:01 +02:00

README 

Support for SMB protocol analysis.