[Bro] SMB connections
Zied Turki
zied.turki at outlook.com
Mon Nov 30 02:48:54 PST 2015
Hello Bro Community,
I am working on the data exfiltration and I have just tested the Exfil Framework.
I have noticed, that the script failed to detect file uploads from the file server using SMB protocol. Looking to the connections logs (conn.log), the SMB connections are unfortunately not logged.
Would it be a known issue ? or should I tune some params ?
Please note that the trafic arrives to Bro machine (I have checked using tcpdump).
Many thanks,
BR,
Zied
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20151130/d70a9257/attachment-0001.html
More information about the Bro
mailing list