[Bro] Missing notifications in Bro

Roger Larsen - Høgskolen i Gjøvik roger.larsen at hig.no
Sat Apr 21 04:31:10 PDT 2012

Dear Bro Community,

I am graduate student at Gjøvik University College in Norway.

I was hoping to compare the detection rate in Bro and Snort regarding some
network attacks (using NMAP).

I'm not so familiar with Bro and after some hours of work I still have not
found any log file telling me that Bro have detected an attack...

I have read a lot of the documentation on Your web page.


My questions are the following;


#1 - How much can Bro's default base installation tell me regarding attack
events (notifications)? (I use the fresh Bro 2.0)


#2 - Can I easily get more notification LOG's from attack events?


Thank You!



Best Regards,


Roger Larsen

master IS student



-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20120421/5624c112/attachment.html 

More information about the Bro mailing list