[Bro] SMB/NetBIOS
relevant username
relevantusername at gmail.com
Mon Apr 23 13:00:34 PDT 2012
Greetings all.
I was wondering if anyone had a script (or documentation) that logs SMB
traffic and activities including file names and folders being read,
written, connections, etc.
The only information I found regarding this is from the event.bif.bro which
ships with Bro 2.0.
## .. todo:: Bro's current default configuration does not activate the
protocol
## analyzer that generates this event; the corresponding script has not
yet
## been ported to Bro 2.x. To still enable this event, one needs to add a
## corresponding entry to :bro:see:`dpd_config` or a DPD payload
signature.
Thank you!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20120423/54cc7924/attachment.html
More information about the Bro
mailing list