[Bro] HTTP plus Compression File Extraction

Seth Hall seth at icir.org
Sat Apr 25 22:08:52 PDT 2015


> On Apr 26, 2015, at 12:54 AM, anthony kasza <anthony.kasza at gmail.com> wrote:
> 
> It's absolutely the most sane case. As usual I have a specific use case in mind. When the gzip contents are corrupted I'd like to attempt to recover portions of whatever was transferred. I'll try to find an example trace...

I may have recently fixed the problem that you’re seeing. There is an issue where some web servers don’t set all of the deflate headers correctly, and Bro has never dealt with this right. I fixed it recently; I just have to find where I put it. I don’t think I ever pushed it out to git.

Does this sound like the problem you’re seeing?

  .Seth

--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro.org/
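
As an added illustration (not code from this thread or from Bro), a Python sketch of the two behaviours discussed above: salvaging whatever inflates cleanly from a damaged gzip body, and falling back to bare deflate when a server omits the wrapper. Reading "deflate headers" as the zlib wrapper is an assumption, and `salvage` and `tolerant_inflate` are hypothetical names.

```python
import gzip
import zlib

# zlib wbits: 47 auto-detects a gzip or zlib wrapper; -15 is bare deflate.
MODES = (("wrapped", 47), ("raw-deflate", -15))


def salvage(body, wbits, chunk=64, limit=10 * 1024 * 1024):
    """Inflate in small chunks so output produced before an error survives."""
    d = zlib.decompressobj(wbits=wbits)
    out = bytearray()
    try:
        for i in range(0, len(body), chunk):
            out += d.decompress(body[i:i + chunk])
            if d.eof or len(out) > limit:  # end of stream, or bomb guard
                break
    except zlib.error:
        return bytes(out), False  # damaged: keep what decoded cleanly
    return bytes(out), d.eof  # eof is False for a truncated stream


def tolerant_inflate(body):
    """Return (mode, recovered_bytes, complete) for the best decoding."""
    results = [(name,) + salvage(body, wbits) for name, wbits in MODES]
    # Prefer a stream that reached its end marker, then the longest salvage.
    return max(results, key=lambda r: (r[2], len(r[1])))


if __name__ == "__main__":
    # Constructed sample body, not taken from any real trace.
    data = b"".join(b"row %d of a constructed HTTP body\n" % i for i in range(400))
    gz = gzip.compress(data)
    co = zlib.compressobj(wbits=-15)
    raw = co.compress(data) + co.flush()
    for label, body in (("intact gzip", gz), ("truncated gzip", gz[:len(gz) // 2]),
                        ("raw deflate", raw)):
        mode, out, complete = tolerant_inflate(body)
        print(f"{label}: mode={mode} recovered={len(out)}/{len(data)} complete={complete}")
```

Bytes emitted between a corrupted input byte and the point where zlib notices the error may be wrong, so treat the tail of a salvaged body as untrusted.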
