base/bif/plugins/Zeek_SMB.smb2_com_transform_header.bif.zeek

GLOBAL
Namespace:GLOBAL

Summary

Events

smb2_transform_header: event Generated for SMB/CIFS version 3.x transform_header.

Detailed Interface

Events

smb2_transform_header
Type:event (c: connection, hdr: SMB2::Transform_header)

Generated for SMB/CIFS version 3.x transform_header. This is used by the client or server when sending encrypted messages.

For more information, see MS-SMB2:2.2.41

C:The connection.
Hdr:The parsed transformed header message, which is starting with xfdSMB and different from SMB1 and SMB2 headers.

See also: smb2_message