Published on August 30th, 2022 📆 | 4060 Views ⚑
0Zeek 5.0.1
- Zeek 5.0.1
- Posted Aug 30, 2022
- Authored by Robin Sommer, Vern Paxson | Site zeek.org
-
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
- Changes: Fixed potential overflow in modbus analyzer's bytestring_to_coils. Reset packet cap_len before returning from IP::AnalyzePacket. Swap DNS EDNS field order to match script-land type. Added some sanity checking to BadARPEvent method. Checks for valid ip_hdr length before trying to make a Val out of it. Updated broker submodule to 2.3.2 release tag. Various additional updates since the last release.
- systems | unix
- SHA-256 |
3cd43ae446200e7e59a89a9bf8190d964f3198e517f5d4be9cc1daba67ba0b81
- Download | Favorite | View
Gloss