[Bro] Emerging Threats signatures on Bro ids ?
rmkml at yahoo.fr
Fri Aug 10 17:19:36 PDT 2012
Anyone interested for supporting / converting Emerging Threats [ET] signatures on Bro IDS ?
- convert on regexp bro format (if threats are easy)
- or better convert to a bro powerful language... (more complex threats)
Not a automatic converter, need (long long) review all signatures for understand threats and use better (bro) converter...
What do you think ?
Im interested if anyone are running futur bro+ET direct feedback... (FP, FN, performance....)
Happy Detect with Bro, Suricata and Snort.
More information about the Bro