[Bro-Dev] [JIRA] (BIT-1528) SNMP and SIP scans show up in known services.
Robin Sommer (JIRA)
jira at bro-tracker.atlassian.net
Fri Apr 8 13:30:00 PDT 2016
[ https://bro-tracker.atlassian.net/browse/BIT-1528?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robin Sommer updated BIT-1528:
------------------------------
Resolution: Merged (was: Fixed)
Status: Closed (was: Merge Request)
> SNMP and SIP scans show up in known services.
> ---------------------------------------------
>
> Key: BIT-1528
> URL: https://bro-tracker.atlassian.net/browse/BIT-1528
> Project: Bro Issue Tracker
> Issue Type: Problem
> Components: Bro
> Affects Versions: 2.4
> Reporter: Justin Azoff
> Assignee: Robin Sommer
> Fix For: 2.5
>
>
> It appears that single packet SIP and SNMP scans cause the destination host to end up in known_services as running a SIP or SNMP service, even though they are not running that service and did not respond to the packet.
--
This message was sent by Atlassian JIRA
(v7.2.0-OD-05-030#72002)
More information about the bro-dev
mailing list