[Bro] SMB/NetBIOS

Seth Hall seth at icir.org
Mon Apr 23 13:17:16 PDT 2012


On Apr 23, 2012, at 4:00 PM, relevant username wrote:

> I was wondering if anyone had a script (or documentation) that logs SMB traffic and activities including file names and folders being read, written, connections, etc.


I believe that this analyzer is broken.  I'm still working on the rewrite of the SMB analyzer which initially will probably focus primarily around file transfers and some of the associated data.

  .Seth

--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro-ids.org/





More information about the Bro mailing list