[Bro] Bro and myricom woes
seth at icir.org
Thu Aug 7 20:16:56 PDT 2014
On Aug 7, 2014, at 5:20 PM, Harry Hoffman <hhoffman at ip-solutions.net> wrote:
> Just curious, why does Bro break? Or what makes bro break?
Bro does deep packet inspection and if the packets are artificially cropped and Bro can't see all of the traffic there ends up being a lot of missed bytes in connections. In order to correctly analyze many connections, all of the packet data needs to be there.
> Also, myricom needs to update some of their docs for v3 but all seems to still function just fine.
They actually added a feature we requested. It should be possible to load balance traffic multiple times to multiple tools now. We still need to adapt our Myricom broctl plugin to support the way that works.
International Computer Science Institute
(Bro) because everyone has a network
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 495 bytes
Desc: Message signed with OpenPGP using GPGMail
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20140807/db877182/attachment.bin
More information about the Bro