[Bro] DPD not getting expected results
robin at icir.org
Mon Jan 12 16:58:28 PST 2009
On Mon, Jan 12, 2009 at 13:39 -0800, you wrote:
> run on ports 22, 23, and 80. Then I got a packet trace (tcpdump -w) while
> SSH'ing from system A to those three ports on system B.
> I ran bro on the trace with the following policy files (in this order):
Can you send me the trace file as well as your zzz-custom please?
Robin Sommer * Phone +1 (510) 666-2886 * robin at icir.org
ICSI/LBNL * Fax +1 (510) 666-2956 * www.icir.org
More information about the Bro