[Bro] Bro and ICMP

Dan Wyschogrod dwyschogrod at bbn.com
Fri Jun 24 06:15:44 PDT 2011

Several of us in the Cyber Security group at BBN are beginning to explore Bro for use in one of our projects.  Currently, we're thinking of using it to monitor ICMP traffic.  I've noticed that in the reference manual there's a not-filled-in entry on an ICMP analyzer and in the source code there's an ICMP analysis script and what appears to be an analyzer in the source code.  Is there active work going on in detecting ICMP irregularities using Bro?  Is there any interest in contributions to Bro of some ICMP sensors we've begun working on?

Dan Wyschogrod

Cyber Security
Raytheon/BBN Technologies

dwyschogrod at bbn.com
