HTTP reply

wushi at wushi at
Sun Mar 17 22:45:31 PST 2002

	I think sometimes HTTP reply  especially the first line is very useful. Through it, we can know whether the attack is successful.
That is right?	Forgive me poor English. Another question, How to detect the syn flood attack using Bro? May I use a timer In th Bro's
interpret,so we can know the    statistic of some network event?

More information about the Bro mailing list