[Bro] Fox-IT smb-ransomware bro script
vladg at illinois.edu
Tue Sep 27 07:55:01 PDT 2016
What version of Bro are you running. This would only work on the Bro 2.5
beta, or if you're using the SMB branch.
erik clark <philosnef at gmail.com> writes:
> Has anyone had any success with Fox-ITs smb-ransomware script?
> I am getting:
> error in ./smb-ransomware.bro, line 80: no such field in record
> error in ./smb-ransomware.bro, line 84: no such field in record
> error in ./smb-ransomware.bro, line 84: unknown identifier SMB::FILE_WRITE,
> at or near "SMB::FILE_WRITE"
> I didn't want to open a github issue if there is a simple fix that I am
> unaware of. Thanks!
> Bro mailing list
> bro at bro-ids.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 800 bytes
Desc: not available
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20160927/68df9a1a/attachment.bin
More information about the Bro