[Bro] HTTP encoding

François Gagnon frgag272 at ift.ulaval.ca
Mon Apr 3 13:17:54 PDT 2006


I was testing some evasion techniques using HTTP unicode encoding, and I was
surprised to see that Bro seems to completely miss the attacks in that case.

Is there any non-default configuration I must use so that Bro will see the
attacks even when they use thi evasion technique (HTTP encoding).

Thanks a lot!

More information about the Bro mailing list