[Bro] Error in Netbios analyzer
Danilo Nicolò
dani.nicolo at gmail.com
Mon Mar 30 02:06:25 PDT 2015
Hi Seth,
Sorry, but I don't understand.I'm only using your NetBIOS analyzer in the
master branch (without SMB) and I've found that code in the tree master at
https://github.com/bro/bro/blob/master/src/analyzer/protocol/netbios/NetbiosSSN.cc
line 459.
Could you explain me where I'm making mistakes?
Thank you very much.
Regards,
Danilo
2015-03-27 19:43 GMT+01:00 Seth Hall <seth at icir.org>:
>
> > On Mar 27, 2015, at 1:22 PM, Danilo Nicolò <dani.nicolo at gmail.com>
> wrote:
> >
> > So I have seen the NetbiosSSN.cc file and I have found the line that
> should be fixed.
> >
> > At line 458 you can see that
> >
> > NetbiosSSN_Analyzer::NetbiosSSN_Analyzer(Connection* conn)
> :tcp::TCP_ApplicationAnalyzer("NETBIOS", conn)
> >
> > I've changed "NETBIOS" string to "NETBIOSSN", then re-built it and Bro
> worked.
>
> If you’re working with master, that code is no longer current. You also
> don’t want to rely on Bro for SMB analysis right now either as the analyzer
> is incomplete and broken.
>
> .Seth
>
> --
> Seth Hall
> International Computer Science Institute
> (Bro) because everyone has a network
> http://www.bro.org/
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150330/fb35ff3c/attachment-0001.html
More information about the Bro
mailing list