[Bro] Emerging Threats signatures on Bro ids ?

rmkml rmkml at yahoo.fr
Mon Aug 13 14:33:03 PDT 2012

ok Im look on user-agent ET sigs.

On Mon, 13 Aug 2012, Seth Hall wrote:

> On Aug 13, 2012, at 12:38 PM, rmkml at yahoo.fr wrote:
>> This is why I need feedback please.
> Oh!  I forgot to include an alternate approach I thought of.  If you are still interested in going down this route, could you start by pulling out malicious software user-agents from the ET signatures?
>  That's something that would fit well and easily into Bro right now and into the intelligence framework in the future.
> What do you think about that?  We can certainly start small with very well defined goals and move from there.
>  .Seth
> --
> Seth Hall
> International Computer Science Institute
> (Bro) because everyone has a network
> http://www.bro-ids.org/

More information about the Bro mailing list