17 Commits (fc38013975ab8875863e23efda97eaecb7ff7a09)

Author SHA1 Message Date
Victor Julien 4d58aaae90 smb: clean up partial read/write record handling 8 years ago
Victor Julien aa8d64c2b8 smb: improve skip handling
When skipping records the skip tracker could underflow if the record
parsing had more data than expected.

Enforce the calculation by moving it into a method and make the actual
fields private.
8 years ago
Victor Julien ea1e13cb00 smb: suppress notice messages 8 years ago
Victor Julien 7b61f2c589 smb2: log renames 8 years ago
Victor Julien 15978d4e85 smb: if filename is missing, use '<unknown>' 8 years ago
Victor Julien 32b19fac99 smb2: don't log/track each READ/WRITE/etc 8 years ago
Victor Julien fb986abe81 smb: log file FID/GUID as fuid 8 years ago
Victor Julien 283be3cade smb2: break out ioctl handling 8 years ago
Victor Julien bf08285602 smb2: parse async records 8 years ago
Victor Julien 5c26020714 smb2: add ioctl transactions to log the funcs 8 years ago
Victor Julien 6d56edc3de smb2: log client and server guid from negotiate 8 years ago
Victor Julien c56f5e11ca smb2: log share type 8 years ago
Victor Julien 0e05ef7369 smb2: parse and log timestamps in CREATE 8 years ago
Victor Julien ecbf10da70 smb2: improve write error handling 8 years ago
Victor Julien 894a73ee06 smb2: add missing commands and improve ioctl err handling 8 years ago
Victor Julien 8bef120898 smb: session setup improvements
Improve ntlmssp version extraction and logging, make its data structures
optional. Extract native os/lm from smb1 ssn setup.

Move session setup handling into their own files.

Only log auth data for the session setup tx.
8 years ago
Victor Julien 75d7c9d64a rust/smb: initial support
Implement SMB app-layer parser for SMB1/2/3. Features:
- file extraction
- eve logging
- existing dce keyword support
- smb_share/smb_named_pipe keyword support (stickybuffers)
- auth metadata extraction (ntlmssp, kerberos5)
8 years ago