[Bro] SMB

Vlad Grigorescu vlad at grigorescu.org
Tue Sep 2 18:33:11 PDT 2014


On Tue, Sep 2, 2014 at 12:38 PM, Michal Purzynski <michalpurzynski1 at gmail.com> wrote:

> - do we have ways to detect other similar protocols? NFS, I'm looking at
> you. And MySQL. And Postgres.


I'm hoping you mean similar from a functionality standpoint, and not
similar based on what's on the wire... :-)

There was an old NFS analyzer:
https://github.com/bro/bro/blob/v2.1/src/NFS.cc Apparently it didn't work
all that well, but it might be a jumping-off point.

There's a MySQL analyzer that's currently in beta in topic/vladg/smb. I
don't know of anyone working on Postgres right now.

  --Vlad