By corelight
A network detection package for CVE-2020-16898 (Windows TCP/IP Remote Code Execution Vulnerability) AKA BadNeighbor
Enables plugins to write fine-grained policy for log filtering, modification, and path customization.
This script expands the base known-services policy to include is_local_orig flag to indicate if the service was discovered from non-local nets (is_local_orig =F) or from local nets (is_local_orig=T).
This script expands the base known-services policy to include is_local_orig flag to indicate if an outbound service was discovered from non-local nets (is_local_orig =F) or from local nets (is_local_orig=T).
By corelight
Detects the Google QUIC (GQUIC) protocol and adds "gquic" to conn.log's "service" field.
Page 1 of 1, showing 11 record(s) out of 11 total