[Bro] help to understand more about bro

jean-philippe luiggi jp.luiggi at free.fr
Fri Nov 2 16:28:14 PDT 2007


On Thu, 1 Nov 2007 11:59:33 -0400
"kanthi myneni" <kanthimyneni at gmail.com> wrote:

> Hi,
> I am Kanthi Myneni, working as Research Assistant in West Virginia
> University. As a Part of my research I need to know more about bro. I
> tried to learn it from the materials you provided. But still I am not
> cleared. Can you help me to fix these problems.
> 1.  How bro detects unknown detects. What are the Policy rules you
> used, on what based they are considered.

What do you mean?
Do you speak about anomaly detection?

> 2. Does bro do clustering.

Please see: http://www.bro-ids.org/wiki/index.php/Bro_Cluster

> 3. Are there any technical researches that are connected with bro.

I think so, at least, there's a friend of mine (hello
Julien... :-) ) who's working hard with Bro and IPv6.

> Sorry for taking your valuable time.

Don't worry.

Best regards,

