Attack example

Vern Paxson vern at
Thu Sep 6 13:13:02 PDT 2001

> I am running Bro0.7a73 system in a single machine and preparing to carry out
> some experiments.Who can explain the attack examples included in the Bro
> packet?

I'm not sure what you're asking here.  One of them is a trace of an
FTP "site exec" attack, the other of an NTP overflow attack.

> BTW, are there some help documents available for Tcpdump and Bro? I mean
> some fundemental aspects.

For tcpdump, only "man tcpdump".  For Bro, see the doc/ subdirectory.


More information about the Bro mailing list