hall.692 at osu.edu
Fri Sep 12 05:44:19 PDT 2008
On Sep 12, 2008, at 8:33 AM, Jim Bo wrote:
> Is there a way to extract the incoming IP addresses on ports 80 and
> 443 and run the IP addresses through GeoIP.
That's more or less what the script does that I sent to the list.
(except for port 443). I guess I just don't know what end result
you're looking to get.
> Also is there any sort of
> documentation or even books that I can look at / buy that would help
> me with this type of stuff so that I dont have to keep bothering you.
The best current documentation is in the slides and related exercises
from Bro workshop that took place last summer.
A *little* bit of documentation about the libGeoIP support can be
There is also a lot of good material to be found in the manuals:
Hopefully that helps. Feel free to keep asking questions though.
More information about the Bro