[Bro] File Extraction Question
Mike Sconzo
sconzo at visiblerisk.com
Thu Oct 11 17:38:56 PDT 2012
Played with it a bit more and
redef HTTP::generate_md5 = /NO_FILE_TYPE_EVER/;
added to a .bro file fixes the problem. I no longer get md5 sums, but
all executables are successfully extracted into the extraction
directory.
Is this anticipated behavior? Or should I get my cake and eat it too? :)
Thanks again.
On Thu, Oct 11, 2012 at 4:57 PM, Mike Sconzo <sconzo at visiblerisk.com> wrote:
> Good catch, copy-paste from another script. Made the change, still no dice.
>
> On Thu, Oct 11, 2012 at 4:23 PM, Vlad Grigorescu <vladg at cmu.edu> wrote:
>> Might be nothing, but having the extra &redef at the end seems strange to me.
>>
>> --Vlad
>>
>> On Oct 11, 2012, at 5:10 PM, Mike Sconzo <sconzo at visiblerisk.com>
>> wrote:
>>
>>> redef HTTP::extract_file_types = /application\/x-dosexec/ &redef;
>>
>
>
>
> --
> cat ~/.bash_history > documentation.txt
--
cat ~/.bash_history > documentation.txt
More information about the Bro
mailing list