[Bro] LDAP Analyzer

det2702 det2702 at mac.com
Mon Oct 4 10:24:18 PDT 2004


I am successfully running BRO 0.90 in a test environment.  Now I would 
like to write (and contribute to the BRO project) an LDAP analyzer.  I 
have a customer that wants to monitor and protect their LDAP 
repository.  What I am proposing is installing BRO specifically tuned 
and configured for LDAP analysis.

Obviously, I'm new to BRO.  I looked through the documentation and was 
not able to find anything on extending BRO's collection of analyzers.  
I'm especially interested on how to define event_handlers for custom 
policy scripts that leverage the LDAP analyzer.  Can anybody vector me 
in the right direction?



More information about the Bro mailing list