mirror of
https://github.com/zeek/zeek.git
synced 2025-10-06 16:48:19 +00:00
3ac877e20d
This is similar to what the external corelight/zeek-smb-clear-state script does, but leverages the smb2_discarded_messages_state() event instead of regularly checking on the state of SMB connections. The pcap was created using the dperson/samba container image and mounting a share with Linux's CIFS filesystem, then copying the content of a directory with 100 files. The test uses a BPF filter to imitate mostly "half-duplex" traffic. |
||
|---|---|---|
| .. | ||
| dssetup_DsRoleGetPrimaryDomainInformation_standalone_workstation.cap | ||
| raw_ntlm_in_smb.pcap | ||
| smb1-OSS-fuzz-54883.pcap | ||
| smb1.pcap | ||
| smb1_transaction2_request.pcap | ||
| smb1_transaction2_secondary_request.pcap | ||
| smb1_transaction_request.pcap | ||
| smb1_transaction_response.pcap | ||
| smb1_transaction_secondary_request.pcap | ||
| smb2.delete-on-close-perms-delete-existing.pcap | ||
| smb2.pcap | ||
| smb2_100_small_files.pcap | ||
| smb2_fscontrol.pcap | ||
| smb2readwrite.pcap | ||
| smb3.pcap | ||
| smb3_multichannel.pcap | ||
| smb3_negotiate_context.pcap | ||
| smb311.pcap | ||
| SMBGhost.pcap | ||