Zeek 5.0.2 ≈ Packet Storm

Zeek 5.0.2^[6]

Authored by Robin Sommer^[7], Vern Paxson^[8] | Site zeek.org^[9]

Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.

Changes: Fixed a possible overflow and crash in the ICMP analyzer when receiving a specially crafted packet. Fixed a possible overflow and crash in the IRC analyzer when receiving a specially crafted packet. Fixed a possible overflow and crash in the SMB analyzer when receiving a specially crafted packet. Fixed two possible crashes when converting IP headers for output via the raw_packet event. Fixed a bug that prevented Broker nodes to recover from OpenSSL errors. Fixed handling of buffer sizes that caused Broker to stall despite having sufficient capacity. Fixed an issue with signal handling that could prevent Zeek from exiting via ctrl-c when reading scripts from stdin.

systems | unix^[10]

SHA-256 | 7089fcc06d13803fc7ce19fdc49f96183efd797be3a4fdca083240b9b46e1d2f

Download^[11] | Favorite^[12] | View^[13]

Login^[14] or Register^[15] to add favorites