36 check-ins
2010-12-17
04:01 | A bit more work on autoruns script Leaf check-in: f93b081552 user: sansforensics tags: trunk | |
2010-12-15
04:26 | more work on autoruns, also added umount_all script check-in: 2a86484913 user: sansforensics tags: trunk | |
2010-12-10
04:18 | First bit of work on trying to get an autorun dumping script. Got automounting script working though check-in: 72d1b2d8ae user: sansforensics tags: trunk | |
2010-12-08
16:13 | Final-ish commit check-in: bb991aaf6c user: david tags: trunk | |
12:20 | added exec_bro_single script check-in: d5ca8547f8 user: david tags: trunk | |
2010-12-07
22:29 | Fixed small problem with run_bro script check-in: 9703d635c7 user: david tags: trunk | |
22:11 | Everything almost totally mostly good :) - session ID's update from file to file check-in: b5c72d429f user: david tags: trunk | |
2010-12-06
22:20 | working to update all ssn ids check-in: c6ac1a09a3 user: david tags: trunk | |
04:49 | Finally got something that kind of works for writing to multiple pipes in proctest.py check-in: 718f4a7a4b user: david tags: trunk | |
2010-12-03
15:44 | Mostly kinda sorta fully functional?? check-in: 4fe4c4d098 user: david tags: trunk | |
15:29 | Load data all working./run_bro.sh check-in: f6e2ec5fc4 user: david tags: trunk | |
05:09 | Fixed up load-dv.sql, spent most of the night on that. Need to go back and tweak HTTP output, field enclosure can only be a single char, but separator can be a string check-in: 7c2ca5adcd user: david tags: trunk | |
01:23 | changed name of sql file check-in: e63c70a898 user: david tags: trunk | |
2010-12-02
21:14 | SQL all laid out check-in: 62506b95d7 user: david tags: trunk | |
19:09 | Full run through of run_bro shell script successful, can generate everything, ready to be loaded into DB check-in: 1dc563445b user: david tags: trunk | |
05:20 | Scripts written to help automate running of things check-in: 325760fedb user: david tags: trunk | |
03:06 | Bittorrent tracker added check-in: 468e690dfb user: david tags: trunk | |
01:45 | Removed smtp extractor. Don't think it's worth it at this point check-in: f9c1dfef59 user: david tags: trunk | |
2010-12-01
21:46 | First stab at SMTP extractor - might end up recopying the whole thing in the end... check-in: 2547e0b34a user: david tags: trunk | |
05:10 | More mods to ssl-dv - happy with it now. essentially complete duplicate of ssl.bro check-in: 359fdf0ba1 user: david tags: trunk | |
04:58 | One first start at a version of ssl-dv. But probably going to change it. Don't like how it works here, too many different places where it writes to file check-in: 3ad6d4ddd8 user: david tags: trunk | |
04:19 | ftp meta data extractor done - for now. probably could use some more work check-in: 39370f1b7e user: david tags: trunk | |
2010-11-30
17:50 | Changes made to dns - pretty much done check-in: c387d24f72 user: david tags: trunk | |
2010-11-29
20:47 | Entropy calculation now done for each connection as part of conn-dv. adu-dv.bro kept around for ref, but shouldn't be needed check-in: c0c23f59fe user: david tags: trunk | |
19:35 | Working on meta data output. related to ticket [52e76d1b66e76ca6125339a20adfb1db180d0e7a] check-in: 9aa4e1b69d user: david tags: trunk | |
16:07 | OS Fingerprinting added, redef'ed some events check-in: 947ca3dd44 user: david tags: trunk | |
15:30 | Entropy measures added to all HTTP outputs check-in: c33da1c7ba user: david tags: trunk | |
15:14 | Mostly finished work on HTTP meta data extraction. Dumps requests, replies and headers to three separate files with similar layouts check-in: 5cfd774a64 user: david tags: trunk | |
13:00 | First go at HTTP meta data bro policy. Still needs lots of work check-in: 7430394ccb user: david tags: trunk | |
03:46 | First bit of work on the dns meta data extraction policy script check-in: d5109167e0 user: david tags: trunk | |
2010-11-24
04:41 | Done work for tonight. Got the basic bro script working, would like to add packet counts to it as well, but this should do fine for now check-in: aa30899099 user: david tags: trunk | |
2010-11-14
07:11 | 'fixed' bro source directory. Had problems when configured and make - new files got created and some were deleted, even after a 'make clean' check-in: 6558dac49c user: dvessey tags: trunk | |
06:21 | Entropy function added to bro.bif check-in: 7b3c077ae5 user: dvessey tags: trunk | |
06:18 | Original bro 1.5.1 source code committed - no changes check-in: fd18f596d6 user: dvessey tags: trunk | |
05:02 | Initial commit with dns_meta script check-in: 1b38aa3208 user: dvessey tags: trunk | |
03:33 | initial empty check-in check-in: 7206e2f2f5 user: david tags: trunk | |