[Zeek] RDP protocol details
Justin Azoff
justin at corelight.com
Wed Jun 5 11:31:46 PDT 2019
Does this help?
https://github.com/zeek/zeek/blob/1e488d7ebe2c889b20333a4196512e069e34f630/scripts/base/init-bare.zeek#L4279-L4306
channels is a vector of RDP::ClientChannelDef
On Wed, Jun 5, 2019 at 2:15 PM Neslog <neslog at gmail.com> wrote:
> Hi I'm looking at RDP protocol and looking for some details. I'm looking
> for encryption algorithms
> and methods supported by the client. I believe it would be in the
> following event but not sure where I pulled it from.
>
> event rdp_client_network_data(c: connection, channels: ClientChannelList)
>
> Appreciate any insights.
> _______________________________________________
> Zeek mailing list
> zeek at zeek.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/zeek
--
Justin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/zeek/attachments/20190605/c7c9aaa5/attachment.html
More information about the Zeek
mailing list