base/bif/plugins/Bro_SMB.smb1_com_negotiate.bif.bro

GLOBAL
Namespace:GLOBAL
Source File:/scripts/base/bif/plugins/Bro_SMB.smb1_com_negotiate.bif.bro

Summary

Events

smb1_negotiate_request: event Generated for SMB/CIFS version 1 requests of type negotiate.
smb1_negotiate_response: event Generated for SMB/CIFS version 1 responses of type negotiate.

Detailed Interface

Events

smb1_negotiate_request
Type:event (c: connection, hdr: SMB1::Header, dialects: string_vec)

Generated for SMB/CIFS version 1 requests of type negotiate. This is sent by the client to initiate an SMB connection between the client and the server. A negotiate exchange MUST be completed before any other SMB messages are sent to the server.

For more information, see MS-CIFS:2.2.4.52

C:The connection.
Hdr:The parsed header of the SMB version 1 message.
Dialects:The SMB dialects supported by the client.

See also: smb1_message, smb1_negotiate_response

smb1_negotiate_response
Type:event (c: connection, hdr: SMB1::Header, response: SMB1::NegotiateResponse)

Generated for SMB/CIFS version 1 responses of type negotiate. This is the server response to the negotiate request.

For more information, see MS-CIFS:2.2.4.52

C:The connection.
Hdr:The parsed header of the SMB version 1 message.
Response:A record structure containing more information from the response.

See also: smb1_message, smb1_negotiate_request

Copyright 2016, The Bro Project. Last updated on December 07, 2018. Created using Sphinx 1.8.2.