zeek/scripts/base/protocols/dce-rpc at e4b620673b50469c72f794e174aa43c46d5751e5 - Mirror/zeek

mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00

History

Seth Hall e4b620673b More DCE_RPC improvements. - The logic for fragment handling has been rewritten and should be correct now. - There are now tunables for fragment handling overflow situations. - DCE_RPC::max_cmd_reassembly and DCE_RPC::max_frag_data - They result in weirds and analyzer removal. - Memory leak fixed by unique_ptr auto cleanup. - DCE_RPC is now intolerate of content gaps and will stop analyzing traffic if content gaps happen (like most other analyzers currently).		2016-10-24 03:22:20 -04:00
..
__load__.bro	Now actually loading DCE-RPC's dpd.sig	2016-07-07 12:55:49 -04:00
consts.bro	More DCE_RPC improvements.	2016-10-24 03:22:20 -04:00
dpd.sig	Fixes for DCE_RPC analyzer	2016-10-08 10:00:26 -04:00
main.bro	Fixes for DCE_RPC analyzer	2016-10-08 10:00:26 -04:00
README	Added missing README files for documentation	2016-10-10 22:55:50 -05:00

Support for DCE/RPC (Distributed Computing Environment/Remote Procedure
Calls) protocol analysis.