[Bro] Emerging Threats signatures on Bro ids ?
rmkml at yahoo.fr
Sat Aug 11 17:41:49 PDT 2012
Ok first alpha release on yesterday update (open-gpl) Emerging Threats signatures :
(contains only 13 signatures)
Im interested if you have comments/feedback/flame/performance/FP/FN please.
Tested on bro v2.0 with:
bro -C -r test.pcap et_bro2_10aug
I have a small pb on this bro powerful language:
-I have used a global variables (sid2015596...) for http_header because my test on pcap fire four times for each signature.
More information about the Bro