[Bro] intrusion detection

阿斯顿飞 nanrenno.1 at qq.com
Fri Oct 23 07:19:00 PDT 2009

I'm a new learner of bro,so I haven't known it well.My question is that the policy script is used to decide what kind of behavior is intusion but what principle should i base on to judge?  If the answer is that bro only provides a platform for the users to detect intrusion according to their own philosophy how does bro do that in its original policy scripts?  
Thanks a lot for your answer!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20091023/6a0507e0/attachment.html 

More information about the Bro mailing list