[Bro] SMB2 module

Seth Hall seth at icir.org
Mon Mar 9 22:33:46 PDT 2015


> On Mar 9, 2015, at 9:58 AM, Vito Logrillo <vitologrillo at gmail.com> wrote:
> 
> The link above seems connected to a previous Bro version: an updated
> version is present? If no, SMB2 will be implemented in next
> releases? When?

SMB will not be making it into the 2.4 release.  It’s still too unstable.  That branch you pointed to however is very old and no longer represents the current development state of the SMB analyzer.  Probably the most up-to-date code today is in topic/vladg/smb but we know of a number of issues in that still.
	https://github.com/bro/bro/tree/topic/vladg/smb/src/analyzer/protocol/smb

> Due to our requirements, we think to make that module from scratch if
> anyone is working on; otherwise, can we take part to your team for the
> development and testing of that module?

SMB might be a larger task than you wish it were.  There are quite a number of dead ends and problems that you discover as you dig into the protocol more and more.  If you have spare development cycles and qualified developers, we’re certainly willing to talk. :)

Thanks,
  .Seth

--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro.org/



