base/bif/plugins/Bro_SMB.smb1_com_nt_create_andx.bif.bro

GLOBAL
Namespace:GLOBAL
Source File:/scripts/base/bif/plugins/Bro_SMB.smb1_com_nt_create_andx.bif.bro

Summary

Events

smb1_nt_create_andx_request: event Generated for SMB/CIFS version 1 requests of type nt create andx.
smb1_nt_create_andx_response: event Generated for SMB/CIFS version 1 responses of type nt create andx.

Detailed Interface

Events

smb1_nt_create_andx_request
Type:event (c: connection, hdr: SMB1::Header, file_name: string)

Generated for SMB/CIFS version 1 requests of type nt create andx. This is sent by the client to create and open a new file, or to open an existing file, or to open and truncate an existing file to zero length, or to create a directory, or to create a connection to a named pipe.

For more information, see MS-CIFS:2.2.4.64

C:The connection.
Hdr:The parsed header of the SMB version 1 message.
Name:The name attribute specified in the message.

See also: smb1_message, smb1_nt_create_andx_response

smb1_nt_create_andx_response
Type:event (c: connection, hdr: SMB1::Header, file_id: count, file_size: count, times: SMB::MACTimes)

Generated for SMB/CIFS version 1 responses of type nt create andx. This is the server response to the nt create andx request.

For more information, see MS-CIFS:2.2.4.64

C:The connection.
Hdr:The parsed header of the SMB version 1 message.
File_id:The SMB2 GUID for the file.
File_size:Size of the file.
Times:Timestamps associated with the file in question.

See also: smb1_message, smb1_nt_create_andx_request


Table of Contents

Next Page

base/bif/plugins/Bro_SMB.smb1_com_nt_cancel.bif.bro

Previous Page

base/bif/plugins/Bro_SMB.smb1_com_negotiate.bif.bro

Copyright 2016, The Bro Project. Last updated on December 07, 2018. Created using Sphinx 1.8.2.