[Bro] offline analysis
jean-philippe.luiggi at didconcept.com
Mon Oct 6 18:52:03 PDT 2008
First idea, capture the network packets using something likes "tcpdump
-i ethx -w foo.cap", then use "Bro" to read "foo.cap".
On Mon, 6 Oct 2008 11:42:23 +0330
"hossein talebi" <talebihossain at gmail.com> wrote:
> how to perform offline analysis and view analysis statistic ?
> Talebi Mazraeh Shahi Hossein
> This message has been scanned for viruses and
> dangerous content by MailScanner, and is
> believed to be clean.
More information about the Bro