[Bro] SMB connections
zied.turki at outlook.com
Mon Nov 30 02:48:54 PST 2015
Hello Bro Community,
I am working on the data exfiltration and I have just tested the Exfil Framework.
I have noticed, that the script failed to detect file uploads from the file server using SMB protocol. Looking to the connections logs (conn.log), the SMB connections are unfortunately not logged.
Would it be a known issue ? or should I tune some params ?
Please note that the trafic arrives to Bro machine (I have checked using tcpdump).
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro