[Bro] Netflow and Bro
harish_64 at yahoo.com
Sat Nov 26 21:43:55 PST 2011
I am new to Bro IDS, I wanted to know if Bro can be used to detect portscan or Denial of service using the netflow data collected from a router.
If yes, I am able to use bro as netflow collector now but i am unable to proceed after this point. Should I use the existing scripts on the netflow data to detect the the threats ? or should i write my own scripts?
More information about the Bro