[Zeek] Exfiltration of data
Scot Harris
SHARRIS at hollywoodfl.org
Thu Jan 23 14:01:45 PST 2020
Are there any specific packages for zeek or built in scripts that are used to identify exfiltration of data?
I have loaded the large file package.
But am looking for something that can be searched for specific file names when requested.
I see some data in the files logs as well as in the smb logs.
Looking for something that would identify the file, source, destination.
Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/zeek/attachments/20200123/976b4c4f/attachment.html
More information about the Zeek
mailing list