[Bro] help to understand more about bro
jp.luiggi at free.fr
Fri Nov 2 16:28:14 PDT 2007
On Thu, 1 Nov 2007 11:59:33 -0400
"kanthi myneni" <kanthimyneni at gmail.com> wrote:
> I am Kanthi Myneni, working as Research Assistant in West Virginia
> University. As a Part of my research I need to know more about bro. I
> tried to learn it from the materials you provided. But still I am not
> cleared. Can you help me to fix these problems.
> 1. How bro detects unkown detects. What are the Policy rules you
> used, on what based they are considered.
What do you mean ?
Do you speak about anomaly detection ?
> 2. Does bro do clustering.
Please see : http://www.bro-ids.org/wiki/index.php/Bro_Cluster
> 3. Are there any techical researches that are connected with bro.
I think so, at least, there's a friend of mine (hello
Julien... :-) ) who's working hard with Bro and IPv6.
> Sorry for taking your valuable time.
More information about the Bro