[Zeek] ntp protocol analyzer

Vlad Grigorescu vlad at es.net
Sun May 26 05:29:44 PDT 2019


There's some work in branch topic/vladg/ntp
<https://github.com/zeek/zeek/compare/topic/vladg/ntp>, but that's
incomplete and ~3 years old.

  --Vlad


On Sat, May 25, 2019 at 4:26 AM Seth Hall <seth at corelight.com> wrote:

> No one is working on it that I know of and it's written in C++ because
> it's older.  I think at some point I rewrote it in binpac but I suspect
> that has been lost to the sands of time at this point.  A couple of years
> ago I think some others were working on ntp related stuff but I don't know
> if that went anywhere.
>
> If you're up for it, feel free to take on the ntp analyzer and rehab it!
>
>   .Seth
>
> --
> Seth Hall * Corelight, Inc * www.corelight.com
>
>
> On May 24, 2019, at 4:29 AM, Palumbo Mauro <mauro.palumbo at aizoon.it>
> wrote:
>
> Hi Zeek’s devs,
>
>   I am interested in an analyzer for the NTP protocol. I have seen that
> there is one in Zeek, but it doesn’t really parse all fields in detail. Is
> anyone working on extending the present analyzer? Would it be of interest
> for the community to do so?
>
> Is there any reason why the present analyzer is written in C++ rather than
> binpac?
>
>
>
> Thanks,
>
> Mauro
>
> _______________________________________________
> Zeek mailing list
> zeek at zeek.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/zeek