base/bif/plugins/Zeek_SMB.smb1_com_echo.bif.zeek¶
-
GLOBAL¶
- Namespace
GLOBAL
Summary¶
Events¶
Generated for SMB/CIFS version 1 requests of type echo. |
|
Generated for SMB/CIFS version 1 responses of type echo. |
Detailed Interface¶
Events¶
-
smb1_echo_request¶ - Type
event(c:connection, echo_count:count, data:string)
Generated for SMB/CIFS version 1 requests of type echo. This is sent by the client to test the transport layer connection with the server.
For more information, see MS-CIFS:2.2.4.39
- C
The connection.
- Hdr
The parsed header of the SMB version 1 message.
- Echo_count
The number of times the server should echo the data back.
- Data
The data for the server to echo.
See also:
smb1_message,smb1_echo_response
-
smb1_echo_response¶ - Type
event(c:connection, seq_num:count, data:string)
Generated for SMB/CIFS version 1 responses of type echo. This is the server response to the echo request.
For more information, see MS-CIFS:2.2.4.39
- C
The connection.
- Hdr
The parsed header of the SMB version 1 message.
- Seq_num
The sequence number of this echo reply.
- Data
The data echoed back from the client.
See also:
smb1_message,smb1_echo_request