relevantusername at gmail.com
Mon Apr 23 13:00:34 PDT 2012
I was wondering if anyone had a script (or documentation) that logs SMB
traffic and activities including file names and folders being read,
written, connections, etc.
The only information I found regarding this is from the event.bif.bro which
ships with Bro 2.0.
## .. todo:: Bro's current default configuration does not activate the
## analyzer that generates this event; the corresponding script has not
## been ported to Bro 2.x. To still enable this event, one needs to add a
## corresponding entry to :bro:see:`dpd_config` or a DPD payload