base/bif/plugins/Zeek_SMB.smb1_com_read_andx.bif.zeek¶
-
GLOBAL¶
- Namespace
GLOBAL
Summary¶
Events¶
Generated for SMB/CIFS version 1 requests of type read andx. |
|
Generated for SMB/CIFS version 1 responses of type read andx. |
Detailed Interface¶
Events¶
-
smb1_read_andx_request¶ - Type
event(c:connection, hdr:SMB1::Header, file_id:count, offset:count, length:count)
Generated for SMB/CIFS version 1 requests of type read andx. This is sent by the client to read bytes from a regular file, a named pipe, or a directly accessible device such as a serial port (COM) or printer port (LPT).
For more information, see MS-CIFS:2.2.4.42
- C
The connection.
- Hdr
The parsed header of the SMB version 1 message.
- File_id
The file identifier being written to.
- Offset
The byte offset the requested read begins at.
- Length
The number of bytes being requested.
See also:
smb1_message,smb1_read_andx_response
-
smb1_read_andx_response¶ - Type
event(c:connection, hdr:SMB1::Header, data_len:count)
Generated for SMB/CIFS version 1 responses of type read andx. This is the server response to the read andx request.
For more information, see MS-CIFS:2.2.4.42
- C
The connection.
- Hdr
The parsed header of the SMB version 1 message.
- Data_len
The length of data from the requested file.
See also:
smb1_message,smb1_read_andx_request