[Bro] http-identified-files.bro

Seth Hall hall.692 at osu.edu
Thu Oct 16 19:42:01 PDT 2008

On Oct 16, 2008, at 9:50 PM, CS Lee wrote:

> In http transaction, some of the executable files are transfer via  
> this mime type -
> application/octet-stream

You might want to check the description for those files.  There are a  
lot of other files that are identified as octet-streams, or at least  
as far as I can remember when I was working on that script a while  
ago. :)


Seth Hall
Network Security - Office of the CIO
The Ohio State University
Phone: 614-292-9721

More information about the Bro mailing list