Hi Mauro! Sorry for the late response, I know we've been communicating
offlist, but I thought I'd respond here so that others could see too.
I'm not actively working on the SMB analyzer and I don't know of anyone
else actively working on it so it's unlikely that you will have any
interence with merging your code. I can't wait to find out more about
what you're interested in implementing and where you'd like to take the
On 10 Jan 2019, at 3:33, Mauro Palumbo wrote:
I am new to zeek/bro. For an internship which will complete a
master course I have been attending, I will work with zeek and
specifically with the CIFS/SMB analyzer. After looking at the
documentation and the code, it seems to me that the this analyzer (as
available in zeek github master branch) was written in BinPac language
and only the most used protocol commands are implemented. I could
possibly work on extending the current implementation of the protocol.
Do you have any thoughts/suggestions about this? Is anyone already
(or planning to do) it?
zeek-dev mailing list
Seth Hall * Corelight, Inc * www.corelight.com