[Bro] LDAP Analyzer
det2702 at mac.com
Mon Oct 4 10:24:18 PDT 2004
I am successfully running BRO 0.90 in a test environment. Now I would
like to write (and contribute to the BRO project) an LDAP analyzer. I
have a customer that wants to monitor and protect their LDAP
repository. What I am proposing is installing BRO specifically tuned
and configured for LDAP analysis.
Obviously, I'm new to BRO. I looked through the documentation and was
not able to find anything on extending BRO's collection of analyzers.
I'm especially interested on how to define event_handlers for custom
policy scripts that leverage the LDAP analyzer. Can anybody vector me
in the right direction?
More information about the Bro