{"id":441,"date":"2023-03-23T06:00:00","date_gmt":"2023-03-23T10:00:00","guid":{"rendered":"https:\/\/drkeithjones.com\/?p=441"},"modified":"2023-03-24T11:30:25","modified_gmt":"2023-03-24T15:30:25","slug":"using-zeek-signatures-to-detect-cves","status":"publish","type":"post","link":"https:\/\/drkeithjones.com\/index.php\/2023\/03\/23\/using-zeek-signatures-to-detect-cves\/","title":{"rendered":"Using Zeek Signatures To Detect CVEs"},"content":{"rendered":"\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"Using Zeek Signatures To Detect CVEs\" width=\"500\" height=\"281\" src=\"https:\/\/www.youtube.com\/embed\/PcXjkUt3rZA?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<p class=\"wp-block-paragraph\">I put a video together (<a href=\"https:\/\/www.youtube.com\/watch?v=PcXjkUt3rZA\" target=\"_blank\" rel=\"noopener\" title=\"\">https:\/\/www.youtube.com\/watch?v=PcXjkUt3rZA<\/a>) discussing a method I have used to detect CVEs using just Zeek signatures:<\/p>\n\n\n\n<p class=\"wp-block-paragraph\"><a href=\"https:\/\/docs.zeek.org\/en\/master\/frameworks\/signatures.html\" target=\"_blank\" rel=\"noopener\" title=\"\">https:\/\/docs.zeek.org\/en\/master\/frameworks\/signatures.html<\/a><\/p>\n\n\n\n<p class=\"wp-block-paragraph\">This method is useful when trying to detect a CVE exploit in a protocol that is not fully parsed by Zeek.  In this video we discuss a CVE for portmapper, which is a protocol not natively supported by Zeek.  <\/p>\n\n\n\n<p class=\"wp-block-paragraph\">In this video we are not teaching you about detecting specific CVEs as much as I am trying to teach you the method of CVE detection using only Zeek signatures when Zeek can&#8217;t fully parse the connection.<\/p>\n\n\n\n<p class=\"wp-block-paragraph\">My slides (all the links are clickable): <a href=\"https:\/\/docs.google.com\/presentation\/d\/1lJGNphy6bGwtEBOGGDgQQpLe-kOCpJk5LEX881OUzkc\/edit?usp=sharing\" target=\"_blank\" rel=\"noopener\" title=\"\">https:\/\/docs.google.com\/presentation\/d\/1lJGNphy6bGwtEBOGGDgQQpLe-kOCpJk5LEX881OUzkc\/edit?usp=sharing<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>I put a video together (https:\/\/www.youtube.com\/watch?v=PcXjkUt3rZA) discussing a method I have used to detect CVEs using just Zeek signatures: https:\/\/docs.zeek.org\/en\/master\/frameworks\/signatures.html This method is useful when trying to detect a CVE exploit in a protocol that is not fully parsed by Zeek. In this video we discuss a CVE for portmapper, which is a protocol not [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[101,74,91,61,4],"tags":[102,44,100,27],"class_list":["post-441","post","type-post","status-publish","format-standard","hentry","category-cve","category-how-to","category-open-source","category-tools","category-zeek","tag-cve","tag-howto","tag-opensource","tag-zeek"],"aioseo_notices":[],"aioseo_head":"\n\t\t<!-- All in One SEO 4.9.8 - aioseo.com -->\n\t<meta name=\"description\" content=\"I put a video together (https:\/\/www.youtube.com\/watch?v=PcXjkUt3rZA) discussing a method I have used to detect CVEs using just Zeek signatures: https:\/\/docs.zeek.org\/en\/master\/frameworks\/signatures.html This method is useful when trying to detect a CVE exploit in a protocol that is not fully parsed by Zeek. In this video we discuss a CVE for portmapper, which is a protocol not\" \/>\n\t<meta name=\"robots\" content=\"max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n\t<meta name=\"author\" content=\"drkeithjones\"\/>\n\t<link rel=\"canonical\" href=\"https:\/\/drkeithjones.com\/index.php\/2023\/03\/23\/using-zeek-signatures-to-detect-cves\/\" \/>\n\t<meta name=\"generator\" content=\"All in One SEO (AIOSEO) 4.9.8\" \/>\n\t\t<meta property=\"og:locale\" content=\"en_US\" \/>\n\t\t<meta property=\"og:site_name\" content=\"DrKeithJones.com - A cybersecurity researcher&#039;s journey.\" \/>\n\t\t<meta property=\"og:type\" content=\"article\" \/>\n\t\t<meta property=\"og:title\" content=\"Using Zeek Signatures To Detect CVEs - DrKeithJones.com\" \/>\n\t\t<meta property=\"og:description\" content=\"I put a video together (https:\/\/www.youtube.com\/watch?v=PcXjkUt3rZA) discussing a method I have used to detect CVEs using just Zeek signatures: https:\/\/docs.zeek.org\/en\/master\/frameworks\/signatures.html This method is useful when trying to detect a CVE exploit in a protocol that is not fully parsed by Zeek. In this video we discuss a CVE for portmapper, which is a protocol not\" \/>\n\t\t<meta property=\"og:url\" content=\"https:\/\/drkeithjones.com\/index.php\/2023\/03\/23\/using-zeek-signatures-to-detect-cves\/\" \/>\n\t\t<meta property=\"og:image\" content=\"https:\/\/drkeithjones.com\/wp-content\/uploads\/2023\/02\/ecb.jpg\" \/>\n\t\t<meta property=\"og:image:secure_url\" content=\"https:\/\/drkeithjones.com\/wp-content\/uploads\/2023\/02\/ecb.jpg\" \/>\n\t\t<meta property=\"article:published_time\" content=\"2023-03-23T10:00:00+00:00\" \/>\n\t\t<meta property=\"article:modified_time\" content=\"2023-03-24T15:30:25+00:00\" \/>\n\t\t<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/keithjjones\" \/>\n\t\t<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n\t\t<meta name=\"twitter:site\" content=\"@keithjjones\" \/>\n\t\t<meta name=\"twitter:title\" content=\"Using Zeek Signatures To Detect CVEs - DrKeithJones.com\" \/>\n\t\t<meta name=\"twitter:description\" content=\"I put a video together (https:\/\/www.youtube.com\/watch?v=PcXjkUt3rZA) discussing a method I have used to detect CVEs using just Zeek signatures: https:\/\/docs.zeek.org\/en\/master\/frameworks\/signatures.html This method is useful when trying to detect a CVE exploit in a protocol that is not fully parsed by Zeek. In this video we discuss a CVE for portmapper, which is a protocol not\" \/>\n\t\t<meta name=\"twitter:creator\" content=\"@keithjjones\" \/>\n\t\t<meta name=\"twitter:image\" content=\"https:\/\/drkeithjones.com\/wp-content\/uploads\/2023\/02\/ecb.jpg\" \/>\n\t\t<script type=\"application\/ld+json\" class=\"aioseo-schema\">\n\t\t\t{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"BlogPosting\",\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/index.php\\\/2023\\\/03\\\/23\\\/using-zeek-signatures-to-detect-cves\\\/#blogposting\",\"name\":\"Using Zeek Signatures To Detect CVEs - DrKeithJones.com\",\"headline\":\"Using Zeek Signatures To Detect CVEs\",\"author\":{\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/index.php\\\/author\\\/drkeithjones_iitpux\\\/#author\"},\"publisher\":{\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/#person\"},\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/index.php\\\/2023\\\/03\\\/23\\\/using-zeek-signatures-to-detect-cves\\\/#articleImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/dee83de34730f3a340cb0cdf15ab1de7f04e96f129f78c426da03098df1912fb?s=96&d=retro&r=g\",\"width\":96,\"height\":96,\"caption\":\"drkeithjones\"},\"datePublished\":\"2023-03-23T06:00:00-04:00\",\"dateModified\":\"2023-03-24T11:30:25-04:00\",\"inLanguage\":\"en-US\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/index.php\\\/2023\\\/03\\\/23\\\/using-zeek-signatures-to-detect-cves\\\/#webpage\"},\"isPartOf\":{\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/index.php\\\/2023\\\/03\\\/23\\\/using-zeek-signatures-to-detect-cves\\\/#webpage\"},\"articleSection\":\"CVE, How-To, Open Source, Tools, Zeek, cve, howto, opensource, zeek\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/index.php\\\/2023\\\/03\\\/23\\\/using-zeek-signatures-to-detect-cves\\\/#breadcrumblist\",\"itemListElement\":[{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/drkeithjones.com#listItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/drkeithjones.com\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/index.php\\\/category\\\/zeek\\\/#listItem\",\"name\":\"Zeek\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/index.php\\\/category\\\/zeek\\\/#listItem\",\"position\":2,\"name\":\"Zeek\",\"item\":\"https:\\\/\\\/drkeithjones.com\\\/index.php\\\/category\\\/zeek\\\/\",\"nextItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/index.php\\\/2023\\\/03\\\/23\\\/using-zeek-signatures-to-detect-cves\\\/#listItem\",\"name\":\"Using Zeek Signatures To Detect CVEs\"},\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/drkeithjones.com#listItem\",\"name\":\"Home\"}},{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/index.php\\\/2023\\\/03\\\/23\\\/using-zeek-signatures-to-detect-cves\\\/#listItem\",\"position\":3,\"name\":\"Using Zeek Signatures To Detect CVEs\",\"previousItem\":{\"@type\":\"ListItem\",\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/index.php\\\/category\\\/zeek\\\/#listItem\",\"name\":\"Zeek\"}}]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/#person\",\"name\":\"drkeithjones\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/index.php\\\/2023\\\/03\\\/23\\\/using-zeek-signatures-to-detect-cves\\\/#personImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/dee83de34730f3a340cb0cdf15ab1de7f04e96f129f78c426da03098df1912fb?s=96&d=retro&r=g\",\"width\":96,\"height\":96,\"caption\":\"drkeithjones\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/index.php\\\/author\\\/drkeithjones_iitpux\\\/#author\",\"url\":\"https:\\\/\\\/drkeithjones.com\\\/index.php\\\/author\\\/drkeithjones_iitpux\\\/\",\"name\":\"drkeithjones\",\"image\":{\"@type\":\"ImageObject\",\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/index.php\\\/2023\\\/03\\\/23\\\/using-zeek-signatures-to-detect-cves\\\/#authorImage\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/dee83de34730f3a340cb0cdf15ab1de7f04e96f129f78c426da03098df1912fb?s=96&d=retro&r=g\",\"width\":96,\"height\":96,\"caption\":\"drkeithjones\"}},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/index.php\\\/2023\\\/03\\\/23\\\/using-zeek-signatures-to-detect-cves\\\/#webpage\",\"url\":\"https:\\\/\\\/drkeithjones.com\\\/index.php\\\/2023\\\/03\\\/23\\\/using-zeek-signatures-to-detect-cves\\\/\",\"name\":\"Using Zeek Signatures To Detect CVEs - DrKeithJones.com\",\"description\":\"I put a video together (https:\\\/\\\/www.youtube.com\\\/watch?v=PcXjkUt3rZA) discussing a method I have used to detect CVEs using just Zeek signatures: https:\\\/\\\/docs.zeek.org\\\/en\\\/master\\\/frameworks\\\/signatures.html This method is useful when trying to detect a CVE exploit in a protocol that is not fully parsed by Zeek. In this video we discuss a CVE for portmapper, which is a protocol not\",\"inLanguage\":\"en-US\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/#website\"},\"breadcrumb\":{\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/index.php\\\/2023\\\/03\\\/23\\\/using-zeek-signatures-to-detect-cves\\\/#breadcrumblist\"},\"author\":{\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/index.php\\\/author\\\/drkeithjones_iitpux\\\/#author\"},\"creator\":{\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/index.php\\\/author\\\/drkeithjones_iitpux\\\/#author\"},\"datePublished\":\"2023-03-23T06:00:00-04:00\",\"dateModified\":\"2023-03-24T11:30:25-04:00\"},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/#website\",\"url\":\"https:\\\/\\\/drkeithjones.com\\\/\",\"name\":\"DrKeithJones.com\",\"description\":\"A cybersecurity researcher's journey.\",\"inLanguage\":\"en-US\",\"publisher\":{\"@id\":\"https:\\\/\\\/drkeithjones.com\\\/#person\"}}]}\n\t\t<\/script>\n\t\t<!-- All in One SEO -->\n\n","aioseo_head_json":{"title":"Using Zeek Signatures To Detect CVEs - DrKeithJones.com","description":"I put a video together (https:\/\/www.youtube.com\/watch?v=PcXjkUt3rZA) discussing a method I have used to detect CVEs using just Zeek signatures: https:\/\/docs.zeek.org\/en\/master\/frameworks\/signatures.html This method is useful when trying to detect a CVE exploit in a protocol that is not fully parsed by Zeek. In this video we discuss a CVE for portmapper, which is a protocol not","canonical_url":"https:\/\/drkeithjones.com\/index.php\/2023\/03\/23\/using-zeek-signatures-to-detect-cves\/","robots":"max-snippet:-1, max-image-preview:large, max-video-preview:-1","keywords":"","webmasterTools":{"miscellaneous":""},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"BlogPosting","@id":"https:\/\/drkeithjones.com\/index.php\/2023\/03\/23\/using-zeek-signatures-to-detect-cves\/#blogposting","name":"Using Zeek Signatures To Detect CVEs - DrKeithJones.com","headline":"Using Zeek Signatures To Detect CVEs","author":{"@id":"https:\/\/drkeithjones.com\/index.php\/author\/drkeithjones_iitpux\/#author"},"publisher":{"@id":"https:\/\/drkeithjones.com\/#person"},"image":{"@type":"ImageObject","@id":"https:\/\/drkeithjones.com\/index.php\/2023\/03\/23\/using-zeek-signatures-to-detect-cves\/#articleImage","url":"https:\/\/secure.gravatar.com\/avatar\/dee83de34730f3a340cb0cdf15ab1de7f04e96f129f78c426da03098df1912fb?s=96&d=retro&r=g","width":96,"height":96,"caption":"drkeithjones"},"datePublished":"2023-03-23T06:00:00-04:00","dateModified":"2023-03-24T11:30:25-04:00","inLanguage":"en-US","mainEntityOfPage":{"@id":"https:\/\/drkeithjones.com\/index.php\/2023\/03\/23\/using-zeek-signatures-to-detect-cves\/#webpage"},"isPartOf":{"@id":"https:\/\/drkeithjones.com\/index.php\/2023\/03\/23\/using-zeek-signatures-to-detect-cves\/#webpage"},"articleSection":"CVE, How-To, Open Source, Tools, Zeek, cve, howto, opensource, zeek"},{"@type":"BreadcrumbList","@id":"https:\/\/drkeithjones.com\/index.php\/2023\/03\/23\/using-zeek-signatures-to-detect-cves\/#breadcrumblist","itemListElement":[{"@type":"ListItem","@id":"https:\/\/drkeithjones.com#listItem","position":1,"name":"Home","item":"https:\/\/drkeithjones.com","nextItem":{"@type":"ListItem","@id":"https:\/\/drkeithjones.com\/index.php\/category\/zeek\/#listItem","name":"Zeek"}},{"@type":"ListItem","@id":"https:\/\/drkeithjones.com\/index.php\/category\/zeek\/#listItem","position":2,"name":"Zeek","item":"https:\/\/drkeithjones.com\/index.php\/category\/zeek\/","nextItem":{"@type":"ListItem","@id":"https:\/\/drkeithjones.com\/index.php\/2023\/03\/23\/using-zeek-signatures-to-detect-cves\/#listItem","name":"Using Zeek Signatures To Detect CVEs"},"previousItem":{"@type":"ListItem","@id":"https:\/\/drkeithjones.com#listItem","name":"Home"}},{"@type":"ListItem","@id":"https:\/\/drkeithjones.com\/index.php\/2023\/03\/23\/using-zeek-signatures-to-detect-cves\/#listItem","position":3,"name":"Using Zeek Signatures To Detect CVEs","previousItem":{"@type":"ListItem","@id":"https:\/\/drkeithjones.com\/index.php\/category\/zeek\/#listItem","name":"Zeek"}}]},{"@type":"Person","@id":"https:\/\/drkeithjones.com\/#person","name":"drkeithjones","image":{"@type":"ImageObject","@id":"https:\/\/drkeithjones.com\/index.php\/2023\/03\/23\/using-zeek-signatures-to-detect-cves\/#personImage","url":"https:\/\/secure.gravatar.com\/avatar\/dee83de34730f3a340cb0cdf15ab1de7f04e96f129f78c426da03098df1912fb?s=96&d=retro&r=g","width":96,"height":96,"caption":"drkeithjones"}},{"@type":"Person","@id":"https:\/\/drkeithjones.com\/index.php\/author\/drkeithjones_iitpux\/#author","url":"https:\/\/drkeithjones.com\/index.php\/author\/drkeithjones_iitpux\/","name":"drkeithjones","image":{"@type":"ImageObject","@id":"https:\/\/drkeithjones.com\/index.php\/2023\/03\/23\/using-zeek-signatures-to-detect-cves\/#authorImage","url":"https:\/\/secure.gravatar.com\/avatar\/dee83de34730f3a340cb0cdf15ab1de7f04e96f129f78c426da03098df1912fb?s=96&d=retro&r=g","width":96,"height":96,"caption":"drkeithjones"}},{"@type":"WebPage","@id":"https:\/\/drkeithjones.com\/index.php\/2023\/03\/23\/using-zeek-signatures-to-detect-cves\/#webpage","url":"https:\/\/drkeithjones.com\/index.php\/2023\/03\/23\/using-zeek-signatures-to-detect-cves\/","name":"Using Zeek Signatures To Detect CVEs - DrKeithJones.com","description":"I put a video together (https:\/\/www.youtube.com\/watch?v=PcXjkUt3rZA) discussing a method I have used to detect CVEs using just Zeek signatures: https:\/\/docs.zeek.org\/en\/master\/frameworks\/signatures.html This method is useful when trying to detect a CVE exploit in a protocol that is not fully parsed by Zeek. In this video we discuss a CVE for portmapper, which is a protocol not","inLanguage":"en-US","isPartOf":{"@id":"https:\/\/drkeithjones.com\/#website"},"breadcrumb":{"@id":"https:\/\/drkeithjones.com\/index.php\/2023\/03\/23\/using-zeek-signatures-to-detect-cves\/#breadcrumblist"},"author":{"@id":"https:\/\/drkeithjones.com\/index.php\/author\/drkeithjones_iitpux\/#author"},"creator":{"@id":"https:\/\/drkeithjones.com\/index.php\/author\/drkeithjones_iitpux\/#author"},"datePublished":"2023-03-23T06:00:00-04:00","dateModified":"2023-03-24T11:30:25-04:00"},{"@type":"WebSite","@id":"https:\/\/drkeithjones.com\/#website","url":"https:\/\/drkeithjones.com\/","name":"DrKeithJones.com","description":"A cybersecurity researcher's journey.","inLanguage":"en-US","publisher":{"@id":"https:\/\/drkeithjones.com\/#person"}}]},"og:locale":"en_US","og:site_name":"DrKeithJones.com - A cybersecurity researcher's journey.","og:type":"article","og:title":"Using Zeek Signatures To Detect CVEs - DrKeithJones.com","og:description":"I put a video together (https:\/\/www.youtube.com\/watch?v=PcXjkUt3rZA) discussing a method I have used to detect CVEs using just Zeek signatures: https:\/\/docs.zeek.org\/en\/master\/frameworks\/signatures.html This method is useful when trying to detect a CVE exploit in a protocol that is not fully parsed by Zeek. In this video we discuss a CVE for portmapper, which is a protocol not","og:url":"https:\/\/drkeithjones.com\/index.php\/2023\/03\/23\/using-zeek-signatures-to-detect-cves\/","og:image":"https:\/\/drkeithjones.com\/wp-content\/uploads\/2023\/02\/ecb.jpg","og:image:secure_url":"https:\/\/drkeithjones.com\/wp-content\/uploads\/2023\/02\/ecb.jpg","article:published_time":"2023-03-23T10:00:00+00:00","article:modified_time":"2023-03-24T15:30:25+00:00","article:publisher":"https:\/\/www.facebook.com\/keithjjones","twitter:card":"summary_large_image","twitter:site":"@keithjjones","twitter:title":"Using Zeek Signatures To Detect CVEs - DrKeithJones.com","twitter:description":"I put a video together (https:\/\/www.youtube.com\/watch?v=PcXjkUt3rZA) discussing a method I have used to detect CVEs using just Zeek signatures: https:\/\/docs.zeek.org\/en\/master\/frameworks\/signatures.html This method is useful when trying to detect a CVE exploit in a protocol that is not fully parsed by Zeek. In this video we discuss a CVE for portmapper, which is a protocol not","twitter:creator":"@keithjjones","twitter:image":"https:\/\/drkeithjones.com\/wp-content\/uploads\/2023\/02\/ecb.jpg"},"aioseo_meta_data":{"post_id":"441","title":null,"description":null,"keywords":[],"keyphrases":{"focus":{"keyphrase":"","score":0,"analysis":{"keyphraseInTitle":{"score":0,"maxScore":9,"error":1}}},"additional":[]},"primary_term":null,"canonical_url":null,"og_title":null,"og_description":null,"og_object_type":"default","og_image_type":"default","og_image_url":null,"og_image_width":null,"og_image_height":null,"og_image_custom_url":null,"og_image_custom_fields":null,"og_video":"","og_custom_url":null,"og_article_section":null,"og_article_tags":[],"twitter_use_og":false,"twitter_card":"default","twitter_image_type":"default","twitter_image_url":null,"twitter_image_custom_url":null,"twitter_image_custom_fields":null,"twitter_title":null,"twitter_description":null,"schema":{"blockGraphs":[],"customGraphs":[],"default":{"data":{"Article":[],"Course":[],"Dataset":[],"FAQPage":[],"Movie":[],"Person":[],"Product":[],"ProductReview":[],"Car":[],"Recipe":[],"Service":[],"SoftwareApplication":[],"WebPage":[]},"graphName":"BlogPosting","isEnabled":true},"graphs":[]},"schema_type":"default","schema_type_options":null,"pillar_content":false,"robots_default":true,"robots_noindex":false,"robots_noarchive":false,"robots_nosnippet":false,"robots_nofollow":false,"robots_noimageindex":false,"robots_noodp":false,"robots_notranslate":false,"robots_max_snippet":"-1","robots_max_videopreview":"-1","robots_max_imagepreview":"large","priority":null,"frequency":"default","local_seo":null,"breadcrumb_settings":null,"limit_modified_date":false,"ai":null,"created":"2023-03-22 16:45:51","updated":"2025-06-04 00:04:32","seo_analyzer_scan_date":null},"aioseo_breadcrumb":"<div class=\"aioseo-breadcrumbs\"><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/drkeithjones.com\" title=\"Home\">Home<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\t<a href=\"https:\/\/drkeithjones.com\/index.php\/category\/zeek\/\" title=\"Zeek\">Zeek<\/a>\n\t\t<\/span><span class=\"aioseo-breadcrumb-separator\">&raquo;<\/span><span class=\"aioseo-breadcrumb\">\n\t\t\tUsing Zeek Signatures To Detect CVEs\n\t\t<\/span><\/div>","aioseo_breadcrumb_json":[{"label":"Home","link":"https:\/\/drkeithjones.com"},{"label":"Zeek","link":"https:\/\/drkeithjones.com\/index.php\/category\/zeek\/"},{"label":"Using Zeek Signatures To Detect CVEs","link":"https:\/\/drkeithjones.com\/index.php\/2023\/03\/23\/using-zeek-signatures-to-detect-cves\/"}],"jetpack_featured_media_url":"","jetpack-related-posts":[],"jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/drkeithjones.com\/index.php\/wp-json\/wp\/v2\/posts\/441","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/drkeithjones.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/drkeithjones.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/drkeithjones.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/drkeithjones.com\/index.php\/wp-json\/wp\/v2\/comments?post=441"}],"version-history":[{"count":0,"href":"https:\/\/drkeithjones.com\/index.php\/wp-json\/wp\/v2\/posts\/441\/revisions"}],"wp:attachment":[{"href":"https:\/\/drkeithjones.com\/index.php\/wp-json\/wp\/v2\/media?parent=441"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/drkeithjones.com\/index.php\/wp-json\/wp\/v2\/categories?post=441"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/drkeithjones.com\/index.php\/wp-json\/wp\/v2\/tags?post=441"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}