18 Commits (15978d4e859ffa37fb640d626767d211d33c14a9)

Author SHA1 Message Date
Victor Julien fb986abe81 smb: log file FID/GUID as fuid 7 years ago
Victor Julien 816bd022a6 smb1: improve non nt-status handling
Support SRV error, with a couple of codes.
Rename statux field to status_code.
7 years ago
Victor Julien 7ab071a58d rust/smb: implement minimal record parsing in probing 7 years ago
Victor Julien 283be3cade smb2: break out ioctl handling 7 years ago
Victor Julien 5c26020714 smb2: add ioctl transactions to log the funcs 7 years ago
Victor Julien 6d56edc3de smb2: log client and server guid from negotiate 7 years ago
Victor Julien c56f5e11ca smb2: log share type 7 years ago
Victor Julien fcbeab70a4 smb1: log create 'service' fields 7 years ago
Victor Julien 0e05ef7369 smb2: parse and log timestamps in CREATE 7 years ago
Victor Julien 28f16e38ac smb1: disable 'generic tx's for common commands
Don't create a generic TX for each READ, WRITE, TRANS, TRANS2,
except if they cause events to trigger.
7 years ago
Victor Julien be615c9fbc smb: small cleanups, fixes and optimizations 7 years ago
Victor Julien 0d69e7b8c2 smb: remove unused dialects from state 7 years ago
Victor Julien a44504a1bf smb: redo gap catch up handling 7 years ago
Victor Julien b34392051d smb3: parse transform records 7 years ago
Victor Julien 7ceb67138f smb: add status 7 years ago
Victor Julien 7dff9b9969 smb/nbss: work around bad traffic 7 years ago
Victor Julien 8bef120898 smb: session setup improvements
Improve ntlmssp version extraction and logging, make its data structures
optional. Extract native os/lm from smb1 ssn setup.

Move session setup handling into their own files.

Only log auth data for the session setup tx.
7 years ago
Victor Julien 75d7c9d64a rust/smb: initial support
Implement SMB app-layer parser for SMB1/2/3. Features:
- file extraction
- eve logging
- existing dce keyword support
- smb_share/smb_named_pipe keyword support (stickybuffers)
- auth meta data extraction (ntlmssp, kerberos5)
7 years ago