21 Commits (13918be589c69f547ad44972f5f5d0ed59c805fa)

Author SHA1 Message Date
Victor Julien 2b581cd6db smb: log trans2 that enable delete on close 7 years ago
Pierre Chifflier 576b8ef722 SMB: simplify code 8 years ago
Pierre Chifflier cf5de0c58e SMB: use String::from_utf8_lossy in logging functions 8 years ago
Pierre Chifflier b5529e4ffb SMB: use kerberos-parser to extract Real and PrincipalName 8 years ago
Victor Julien 8eeda113c8 smb1: add parsing for RENAME command 8 years ago
Victor Julien 7b61f2c589 smb2: log renames 8 years ago
Victor Julien 71742ed52b smb: share can't be <share_root> 8 years ago
Victor Julien fb986abe81 smb: log file FID/GUID as fuid 8 years ago
Victor Julien 816bd022a6 smb1: improve non nt-status handling
Support SRV error, with a couple of codes.
Rename statux field to status_code.
8 years ago
Victor Julien 5c26020714 smb2: add ioctl transactions to log the funcs 8 years ago
Victor Julien 75265ec376 smb2: map ioctl funcs to names
List is based on Wireshark's list.
8 years ago
Victor Julien 7cd66516f0 smb: use formal MS names for disposition 8 years ago
Victor Julien f7ed749d4f smb: disable debug output 8 years ago
Victor Julien 6d56edc3de smb2: log client and server guid from negotiate 8 years ago
Victor Julien c56f5e11ca smb2: log share type 8 years ago
Victor Julien d75ebdb981 smb: log create empty filename as '<share_root>' like Bro does 8 years ago
Victor Julien fcbeab70a4 smb1: log create 'service' fields 8 years ago
Victor Julien c91242e71c smb: rename file to filename in output 8 years ago
Victor Julien 0e05ef7369 smb2: parse and log timestamps in CREATE 8 years ago
Victor Julien 8bef120898 smb: session setup improvements
Improve ntlmssp version extraction and logging, make its data structures
optional. Extract native os/lm from smb1 ssn setup.

Move session setup handling into their own files.

Only log auth data for the session setup tx.
8 years ago
Victor Julien 75d7c9d64a rust/smb: initial support
Implement SMB app-layer parser for SMB1/2/3. Features:
- file extraction
- eve logging
- existing dce keyword support
- smb_share/smb_named_pipe keyword support (stickybuffers)
- auth meta data extraction (ntlmssp, kerberos5)
8 years ago