bro-simple-scan
bro-simple-scan copied to clipboard
ncsa
For "Port_Scan", where we have a fixed singular "victim", map this value back to the destination. Example. 192.168.0.1 scanned at least 250 unique ports on host 192.168.0.2 in 0m5s notice.src...
With Zeek 6, private subnets are added to Site::local_nets by default. The failing test requires that not to be the case, so for Zeek 6 only, set Site::private_address_space_is_local to F.
Change the package settings to Zeek option types for easier run-time configuration changes.
Hi! We've deprecated the old `misc/scan.zeek` in the Zeek distribution and are pointing at this package for suggested replacement: zeek/zeek#2357. Two quick questions: - Is this package still maintained? -...
It would be extremely useful to us to be able to tell that a scanner - scanned 50 remote hosts - scanned 5 local hosts For the Random and Address...
i.e. related to the following issues: https://github.com/bro/package-manager/issues/14 https://github.com/bro/package-manager/issues/15 https://github.com/ncsa/bro-simple-scan/issues/1 I think the changes in this PR are the way dependencies should be handled by this package. At least for the...
Using the official zeek docker image: ``` $ zkg install --force --skiptests --nodeps --version master https://github.com/ncsa/bro-is-darknet ... $ zkg install --force --skiptests --nodeps --version master https://github.com/ncsa/bro-simple-scan ... $ cd /usr/local/zeek/var/lib/zkg/clones/package/bro-simple-scan/testing...
