base/bif/plugins/Bro_SMB.events.bif.bro

GLOBAL

Namespace:	GLOBAL
Source File:	`/scripts/base/bif/plugins/Bro_SMB.events.bif.bro`

Summary

Events

smb_pipe_connect_heuristic: event Generated for SMB connections when a named pipe has been detected heuristically.

Detailed Interface

Events

smb_pipe_connect_heuristic

Type:	`event` (c: `connection`)

Generated for SMB connections when a named pipe has been detected heuristically. The case when this comes up is when the drive mapping isn’t seen so the analyzer is not able to determine whether to send the data to the files framework or to the DCE_RPC analyzer. This heuristic can be tuned by adding or removing “named pipe” names from the SMB::pipe_filenames const.

C:	The connection.

base/bif/plugins/Bro_SMB.events.bif.bro

Summary

Events

Detailed Interface

Events

Table of Contents

Next Page

Previous Page

base/bif/plugins/Bro_SMB.events.bif.bro

Summary

Events

Detailed Interface

Events

Table of Contents

Next Page

Previous Page

Search