Mirror/zeek
1
0
Fork 0
mirror of https://github.com/zeek/zeek.git synced 2025-10-02 14:48:21 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 2
zeek/scripts/base/protocols/ldap
History
Arne Welzel 242db4981d ldap: Use scalar values in logs where appropriate 
Skimming through the RFC, the previous approach of having containers for most
fields seems unfounded for normal protocol operation. The new weirds could just
as well be considered protocol violations. Outside of duplicated or missed data
they just shouldn't happen for well-behaved client/server behavior.
Additionally, with non-conformant traffic it would be trivial to cause
unbounded state growth and immense log record sizes.

Unfortunately, things have become a bit clunky now.

Closes #3504
2024-01-03 11:57:31 +01:00
..
__load__.zeek ldap: Add spicy-events.zeek 2023-10-19 10:48:34 +02:00
consts.zeek Move LDAP script constants to their own file 2023-10-10 18:28:13 +02:00
dpd.sig Move spicy-ldap into Zeek protocol analyzer tree 2023-10-10 09:21:57 +02:00
main.zeek ldap: Use scalar values in logs where appropriate 2024-01-03 11:57:31 +01:00
spicy-events.zeek ldap: Rename LDAP::search_result to LDAP::search_result_entry 2024-01-03 11:57:30 +01:00