[Bro] General questions about Bro's capabilities

anthony kasza anthony.kasza at gmail.com
Sun Dec 28 15:43:24 PST 2014

Bro has an understanding of many of the more popular layer 7 protocols and
is able to generate logs based on what it sees.
One rather simple way to create a baseline for a network could be to
monitor the network for a period of time and observe the logs Bro generates.

On Dec 28, 2014 9:01 AM, "Savakh S" <sovakah at gmail.com> wrote:

> Hello,
> How can Bro be used to set a network profile and works as a behavior IDS ?
> Does Bro need to understand L7 protocols ? Is it compulsory ? If not, what
> would be its capabilities ?
> Thank for your answers.
> Regards.
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20141228/92eca383/attachment.html 

More information about the Bro mailing list