Next: , Previous: finger Analyzer, Up: finger Analyzer



7.13.1 finger variables

The standard script defines two redefinable variables:

hot_names : set[string]
A list of usernames that should be considered sensitive (log-worthy) if included in a Finger request.

Default: { "root", "lp", "uucp", "nuucp", "demos", "operator", "sync", "guest", "visitor", }.

max_request_length : count
The largest reasonable request size (used to flag possible buffer overflow attacks). Bro marks a connection as “hot” if its request exceeds this length, and truncates its logging of the request to this many bytes, followed by "...".

Default: 80.