jbabio at po-box.esu.edu
Tue Dec 10 16:23:24 PST 2013
I can't seem to get the actual player to trigger. Is it supposed to show up in software.log as Flash not Adobe Flash Player? Security onion has a vulnerable config including flash but I have never seen it show up in software.log.
From: Justin Azoff [JAzoff at albany.edu]
Sent: Tuesday, December 10, 2013 7:16 PM
To: John Babio
Cc: bro at bro.org
Subject: Re: [Bro] software.log
On Wed, Dec 11, 2013 at 12:02:40AM +0000, John Babio wrote:
> 1386717221.171855 x.x.x.x - HTTP::BROWSER Adobe Flash Player - - - - - Adobe Flash Player
> Bro isn't displaying and version info. Is there a reason?
For those connections the client sent just "Adobe Flash Player" as the
user-agent. It appears the flash updater does this when downloading the
-- Justin Azoff
-- Network Security & Performance Analyst
More information about the Bro