Timeline

50 most recent timeline items

2010-12-17
04:01
[f93b081552] Leaf: A bit more work on autoruns script (user: sansforensics, tags: trunk)
2010-12-15
04:26
[2a86484913] more work on autoruns, also added umount_all script (user: sansforensics, tags: trunk)
2010-12-10
04:18
[72d1b2d8ae] First bit of work on trying to get an autorun dumping script. Got automounting script working though (user: sansforensics, tags: trunk)
2010-12-08
16:13
[bb991aaf6c] Final-ish commit (user: david, tags: trunk)
16:12 • Changes to wiki page dvessey-bro-analysis-howto (user: david)
12:20
[d5ca8547f8] added exec_bro_single script (user: david, tags: trunk)
03:39 • Changes to wiki page dvessey-misc-bro (user: dvessey)
2010-12-07
22:29
[9703d635c7] Fixed small problem with run_bro script (user: david, tags: trunk)
22:11
[b5c72d429f] Everything almost totally mostly good :) - session IDs update from file to file (user: david, tags: trunk)
21:32 • Changes to wiki page dvessey-misc-bro (user: dvessey)
2010-12-06
22:20
[c6ac1a09a3] working to update all ssn ids (user: david, tags: trunk)
04:49
[718f4a7a4b] Finally got something that kind of works for writing to multiple pipes in proctest.py (user: david, tags: trunk)
2010-12-03
15:44
[4fe4c4d098] Mostly kinda sorta fully functional?? (user: david, tags: trunk)
15:29
[f6e2ec5fc4] Load data all working./run_bro.sh (user: david, tags: trunk)
14:44 • Changes to wiki page dvessey-bro-analysis-howto (user: dvessey)
14:34 • Changes to wiki page dvessey-bro-analysis-howto (user: dvessey)
14:33 • Changes to wiki page dvessey-bro-analysis-howto (user: dvessey)
14:32 • Changes to wiki page dvessey-bro-analysis-howto (user: dvessey)
12:59 • Changes to wiki page dvessey-misc-bro (user: dvessey)
05:09
[7c2ca5adcd] Fixed up load-dv.sql, spent most of the night on that. Need to go back and tweak HTTP output, field enclosure can only be a single char, but separator can be a string (user: david, tags: trunk)
03:39 • Changes to wiki page dvessey-bro-analysis-howto (user: dvessey)
01:23
[e63c70a898] changed name of sql file (user: david, tags: trunk)
2010-12-02
21:14
[62506b95d7] SQL all laid out (user: david, tags: trunk)
19:09
[1dc563445b] Full run through of run_bro shell script successful, can generate everything, ready to be loaded into DB (user: david, tags: trunk)
18:07 • Changes to wiki page dvessey-misc-bro (user: dvessey)
05:22 • Changes to wiki page dvessey-bro-analysis-howto (user: dvessey)
05:20
[325760fedb] Scripts written to help automate running of things (user: david, tags: trunk)
04:32 • Changes to wiki page dvessey-bro-analysis-howto (user: dvessey)
04:23 • Changes to wiki page NSM Dino (user: dvessey)
04:22 • Changes to wiki page dvessey (user: dvessey)
03:06
[468e690dfb] Bittorrent tracker added (user: david, tags: trunk)
02:47 • Changes to wiki page dvessey-misc-bro (user: dvessey)
02:46 • Changes to wiki page dvessey-misc-bro (user: dvessey)
02:34 • Changes to wiki page dvessey-misc-bro (user: dvessey)
01:45
[f9c1dfef59] Removed smtp extractor. Don't think it's worth it at this point (user: david, tags: trunk)
2010-12-01
21:46
[2547e0b34a] First stab at SMTP extractor - might end up recopying the whole thing in the end... (user: david, tags: trunk)
05:10
[359fdf0ba1] More mods to ssl-dv - happy with it now. essentially complete duplicate of ssl.bro (user: david, tags: trunk)
04:58
[3ad6d4ddd8] One first start at a version of ssl-dv. But probably going to change it. Don't like how it works here, too many different places where it writes to file (user: david, tags: trunk)
04:19 • Changes to wiki page dvessey-misc-bro (user: dvessey)
04:19
[39370f1b7e] ftp meta data extractor done - for now. probably could use some more work (user: david, tags: trunk)
2010-11-30
17:50
[c387d24f72] Changes made to dns - pretty much done (user: david, tags: trunk)
17:47 • Changes to wiki page dvessey-misc-bro (user: dvessey)
17:42 • Changes to wiki page dvessey-misc-bro (user: dvessey)
17:41 • Changes to wiki page dvessey-misc-bro (user: dvessey)
17:40 • Changes to wiki page dvessey-misc-bro (user: dvessey)
2010-11-29
20:47
[c0c23f59fe] Entropy calculation now done for each connection as part of conn-dv. adu-dv.bro kept around for ref, but shouldn't be needed (user: david, tags: trunk)
20:40 • Changes to wiki page dvessey-misc-bro (user: dvessey)
19:35
[9aa4e1b69d] Working on meta data output. related to ticket [52e76d1b66e76ca6125339a20adfb1db180d0e7a] (user: david, tags: trunk)
19:25 • Changes to wiki page dvessey-misc-bro (user: dvessey)
19:23 • Ticket [52e76d1b66] New bro policy scripts status still Open with 2 other changes (user: dvessey)