[Bro] Bro's capabilities
sovakah at gmail.com
Wed Dec 10 14:25:16 PST 2014
I have a question about the Bro's capabilities.
Could you please detail how Bro works ? I know Bro has "protocol analysis"
capabilities for some protocols and is a "behavior-based" IDS.
If I understand well, Bro can learn the way a network is used (like a
machine learning) and then dissect all the protocols he can parse (http,
ftp, ...) to see if the fields' values of these procoles were recorded at
the learning phase ?
Thanks for your answers.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro