[Bro] SMB
Vlad Grigorescu
vlad at grigorescu.org
Tue Sep 9 09:41:20 PDT 2014
There are no SMB policy scripts yet. Just the base scripts to generate the
various SMB logs.
--Vlad
On Mon, Sep 8, 2014 at 5:36 PM, Mike Reeves <luke at geekempire.com> wrote:
> Are there any Bro scripts for SMB or is this something I need to figure
> out on my own?
>
>
>
> On Sep 2, 2014, at 9:33 PM, Vlad Grigorescu <vlad at grigorescu.org> wrote:
>
> On Tue, Sep 2, 2014 at 12:38 PM, Michal Purzynski <
> michalpurzynski1 at gmail.com> wrote:
>
>> - do we have ways to detect other similar protocols? NFS, I'm looking at
>> you. And MySQL. And Postgres.
>
>
> I'm hoping you mean similar from a functionality standpoint, and not
> similar based on what's on the wire... :-)
>
> There was an old NFS analyzer:
> https://github.com/bro/bro/blob/v2.1/src/NFS.cc Apparently it didn't
> work all that well, but it might be a jumping off point.
>
> There's a MySQL analyzer that's currently in beta in topic/vladg/smb. I
> don't know of anyone working on Postgres right now.
>
> --Vlad
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20140909/e052b466/attachment.html
More information about the Bro
mailing list