policy/protocols/rdp/indicate_ssl.zeek

RDP

If an RDP session is “upgraded” to SSL, this will be indicated with this script in a new field added to the RDP log.

Namespace

RDP

Imports

base/protocols/rdp, base/protocols/ssl

Summary

Redefinitions

RDP::Info: record

New Fields

RDP::Info

ssl: bool &log &default = F &optional

Flag the connection if it was seen over SSL.

Detailed Interface