"Bad Neighbor" Detection, CVE-2020-16898 (Windows TCP/IP RCE)
A network detection package for CVE-2020-16898 (Windows TCP/IP Remote Code Execution Vulnerability)
- Other detection packages developed independently and concurrently by the Zeek community:
Notices raised :
## Usage, notes and recommendations: - To use against a pcap you already have ```zeek -Cr scripts/__load__.zeek your.pcap``` - This package will run in clustered or non clustered environments. ## Feedback - As details emerge, we are keen to improve this package for the benefit of the community, please feel free to contact the author with any suggestions and feedback.