[Bro] Trouble with ASYMETRIC FTP traffic
Bindiya V S
bindiyavs at tataelxsi.co.in
Tue Mar 13 01:18:17 PDT 2007
Hi,
I am trying to analyze asymmetric (one sided) FTP traffic. I
have added signatures for identifying FTP traffic, and FTP
commands are getting properly identified. But I am facing
problems when trying to analyze the FTP data traffic. When 227
response comes, the function expect_connection is getting
called. But it looks like the data connection is not getting
identified after that.
File_Analyzer::DeliverStream is not getting called for the
data transfer.
Can some-body help me out?
I am waiting with my fingers crossed.
Thanks in advance
Bindiya :)
More information about the Bro
mailing list