Dpi

Analyzing Zeek's built-in SSH brute force detection script, understanding its detection logic and threshold design.

Continuing POP3 protocol analysis — extracting and reconstructing email content.

Using Zeek to parse POP3 protocol, exploring Zeek's API and event-driven protocol analysis.