vern at ee.lbl.gov
Thu Sep 6 13:13:02 PDT 2001
> I am running Bro0.7a73 system in a single machine and preparing to carry out
> some experiments.Who can explain the attack examples included in the Bro
I'm not sure what you're asking here. One of them is a trace of an
FTP "site exec" attack, the other of an NTP overflow attack.
> BTW, are there some help documents available for Tcpdump and Bro? I mean
> some fundemental aspects.
For tcpdump, only "man tcpdump". For Bro, see the doc/ subdirectory.
More information about the Bro