[Bro] General questions about Bro's capabilities
anthony.kasza at gmail.com
Sun Dec 28 15:43:24 PST 2014
Bro has an understanding of many of the more popular layer 7 protocols and
is able to generate logs based on what it sees.
One rather simple way to create a baseline for a network could be to
monitor the network for a period of time and observe the logs Bro generates.
On Dec 28, 2014 9:01 AM, "Savakh S" <sovakah at gmail.com> wrote:
> How can Bro be used to set a network profile and works as a behavior IDS ?
> Does Bro need to understand L7 protocols ? Is it compulsory ? If not, what
> would be its capabilities ?
> Thank for your answers.
> Bro mailing list
> bro at bro-ids.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro