Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-03 07:08:19 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3
zeek/scripts/base
History
Bernhard Amann ea1616bed5 At the moment, SSL connections where the ssl_established event does not fire are not logged. 
That means that, for example, connections that are terminated with an alert during the
handshake never appear in the ssl.log.

This patch changes this behavior - now all ssl connections that fire any event are logged.

The protocol confirmation of the ssl analyzer is moved to the client_hello instead to
the server hello. Furthermore, an additional field is added to ssl.log, which indicates
if a connection has been established or not (which probably indicates a handshake problem).
2014-03-04 14:23:49 -08:00
..
files Minor unified2 script documentation fix. 2014-02-03 16:55:23 -06:00
frameworks Merge remote-tracking branch 'origin/topic/jazoff/notice_file_info' 2014-01-20 12:01:44 -08:00
misc Add script to detect filtered TCP traces, addresses BIT-1119. 2014-01-31 17:04:58 -06:00
protocols At the moment, SSL connections where the ssl_established event does not fire are not logged. 2014-03-04 14:23:49 -08:00
utils Return the Dir module to file name tracking instead of inode tracking. 2013-10-29 11:09:55 -04:00
init-bare.bro Merge remote-tracking branch 'origin/topic/bernhard/ticket-1144' 2014-03-03 16:35:00 -08:00
init-default.bro Add script to detect filtered TCP traces, addresses BIT-1119. 2014-01-31 17:04:58 -06:00