vlad at grigorescu.org
Tue Sep 9 09:41:20 PDT 2014
There are no SMB policy scripts yet. Just the base scripts to generate the
various SMB logs.
On Mon, Sep 8, 2014 at 5:36 PM, Mike Reeves <luke at geekempire.com> wrote:
> Are there any Bro scripts for SMB or is this something I need to figure
> out on my own?
> On Sep 2, 2014, at 9:33 PM, Vlad Grigorescu <vlad at grigorescu.org> wrote:
> On Tue, Sep 2, 2014 at 12:38 PM, Michal Purzynski <
> michalpurzynski1 at gmail.com> wrote:
>> - do we have ways to detect other similar protocols? NFS, I'm looking at
>> you. And MySQL. And Postgres.
> I'm hoping you mean similar from a functionality standpoint, and not
> similar based on what's on the wire... :-)
> There was an old NFS analyzer:
> https://github.com/bro/bro/blob/v2.1/src/NFS.cc Apparently it didn't
> work all that well, but it might be a jumping off point.
> There's a MySQL analyzer that's currently in beta in topic/vladg/smb. I
> don't know of anyone working on Postgres right now.
> Bro mailing list
> bro at bro-ids.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro