Published on November 23rd, 2022 📆 | 1567 Views ⚑0
- Zeek 5.0.4
- Posted Nov 23, 2022
- Authored by Robin Sommer, Vern Paxson | Site zeek.org
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.
- Changes: This release fixes security issues where a specially-crafted series of HTTP 0.9 packets can cause Zeek to spend large amounts of time processing the packets, a specially-crafted FTP packet can cause Zeek to spend large amounts of time processing the command, and a specially-crafted IPv6 packet can cause Zeek to overflow memory and potentially crash. Fixed a potential stall in Broker’s internal data pipeline.
- systems | unix
- SHA-256 |