[Bro] List of connections
mtdedlow at lbl.gov
Tue Nov 7 17:48:04 PST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Abhinay Kampasi wrote:
> Is there any policy file in Bro that reports all connections present in the
> traffic seen by Bro? Does conn.bro provide this functionality?
conn.bro only logs TCP. Depending on what you mean by "connection",
you may also want udp.bro and/or icmp.bro.
Also, note that conn.bro does not *only* log connections.
It does intrusion analysis -- for example, scan detection.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (MingW32)
-----END PGP SIGNATURE-----
More information about the Bro