base/bif/plugins/Zeek_SMB.smb2_com_negotiate.bif.zeek

GLOBAL
Namespace

GLOBAL

Summary

Events

smb2_negotiate_request: event

Generated for SMB/CIFS version 2 requests of type negotiate.

smb2_negotiate_response: event

Generated for SMB/CIFS version 2 responses of type negotiate.

Detailed Interface

Events

smb2_negotiate_request
Type

event (c: connection, hdr: SMB2::Header, dialects: index_vec)

Generated for SMB/CIFS version 2 requests of type negotiate. This is used by the client to notify the server what dialects of the SMB2 Protocol the client understands.

For more information, see MS-SMB2:2.2.3

Parameters
  • c – The connection.

  • hdr – The parsed header of the SMB version 2 message.

  • dialects – A vector of the client’s supported dialects.

See also: smb2_message, smb2_negotiate_response

smb2_negotiate_response
Type

event (c: connection, hdr: SMB2::Header, response: SMB2::NegotiateResponse)

Generated for SMB/CIFS version 2 responses of type negotiate. This is sent by the server to notify the client of the preferred common dialect.

For more information, see MS-SMB2:2.2.4

Parameters
  • c – The connection.

  • hdr – The parsed header of the SMB version 2 message.

  • response – The negotiate response data structure.

See also: smb2_message, smb2_negotiate_request