[Bro] complete analysis system for detecting malware
kingzyycn at gmail.com
Tue Jan 14 10:03:32 PST 2014
similar, but hope using open source tools. Any comment?
BTW, I love your APT1 report.
2014/1/15 Richard Bejtlich <taosecurity at gmail.com>
> Sorry, I couldn't resist...
> On Tue, Jan 14, 2014 at 12:46 PM, John Zhang <kingzyycn at gmail.com> wrote:
> > Hi all,
> > Actually I am planning one complete analysis system(long term) for
> > and tracing malware and other threats, it can do:
> > 1, live capture full-content network (up to several GBs)
> > 2, and extract files and contents from traffic, especially these contents
> > in http, ftp, email traffic
> > 3, and send these contents to local sandbox, or to remote sandbox
> > for checking them; or check them against external threat intelligence.
> > Could you help recommend some tools for the above jobs?
> > I do need the experience, suggestion and comment from you all.
> > Thank you !
> > Regards,
> > John
> > _______________________________________________
> > Bro mailing list
> > bro at bro-ids.org
> > http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
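The pipeline John sketches has a triage step between extraction and the sandbox: take what Bro's file extraction wrote to disk, check each file's digest against local threat intelligence, and hand only the unknown ones to a sandbox. The following script is an added example for that step, not code from the Bro project or from anyone in this thread. It parses Bro's default ASCII `files.log` layout (tab-separated rows, a `#fields` header naming the columns, `-` for unset values) and assumes the extraction analyzer has been enabled so the `extracted` column names a file under Bro's extraction directory. The log rows, the `./extract_files` directory name and the indicator hashes are constructed for the example and are not real indicators.

```python
"""Triage Bro files.log records against a local indicator list.

Added example, not Bro project code. Assumes Bro's default ASCII log layout
and that file extraction is enabled. All sample data below is constructed.
"""
import os
from typing import Dict, Iterable, List, Optional, Set

Record = Dict[str, Optional[str]]

# Constructed digests: shaped like real ones, but not real indicators.
KNOWN_BAD_SHA256 = "0123456789abcdef" * 4
UNKNOWN_SHA256 = "fedcba9876543210" * 4
KNOWN_BAD_MD5 = "00112233445566778899aabbccddeeff"

# Local threat-intel list: digest -> label (constructed).
LOCAL_INTEL: Dict[str, str] = {
    KNOWN_BAD_SHA256: "constructed-sample-dropper",
    KNOWN_BAD_MD5: "constructed-sample-dropper",
}

# Constructed files.log excerpt with a column subset. The parser is driven by
# the "#fields" line, so Bro's full column set is handled the same way.
SAMPLE_FILES_LOG = "\n".join([
    "#separator \\x09",
    "#set_separator\t,",
    "#empty_field\t(empty)",
    "#unset_field\t-",
    "#path\tfiles",
    "#fields\tts\tfuid\ttx_hosts\tsource\tmime_type\tmd5\tsha256\textracted",
    "#types\ttime\tstring\tset[addr]\tstring\tstring\tstring\tstring\tstring",
    "\t".join(["1389720000.000000", "FaAAA1", "10.0.0.5", "HTTP",
               "application/x-dosexec", KNOWN_BAD_MD5, KNOWN_BAD_SHA256,
               "extract-HTTP-FaAAA1"]),
    "\t".join(["1389720001.000000", "FbBBB2", "10.0.0.6", "SMTP",
               "application/pdf", "11112233445566778899aabbccddeeff",
               UNKNOWN_SHA256, "extract-SMTP-FbBBB2"]),
    "\t".join(["1389720002.000000", "FcCCC3", "10.0.0.7", "HTTP",
               "text/html", "-", "-", "-"]),
    "\t".join(["1389720003.000000", "FdDDD4", "10.0.0.8", "SSL",
               "application/pkix-cert", "22112233445566778899aabbccddeeff",
               "-", "-"]),
    "#close\t2014-01-14-10-03-32",
])

# File sources the thread wants routed to a sandbox (Bro's source names).
TRIAGE_SOURCES: Set[str] = {"HTTP", "FTP_DATA", "SMTP"}


def parse_bro_log(text: str, sep: str = "\t", unset: str = "-") -> List[Record]:
    """Parse Bro ASCII log rows into dicts keyed by the #fields header.

    Values equal to the unset marker become None; other "#" directive lines
    (#separator, #types, #open, #close, ...) are skipped.
    """
    fields: Optional[List[str]] = None
    records: List[Record] = []
    for line in text.splitlines():
        if not line:
            continue
        if line.startswith("#"):
            if line.startswith("#fields" + sep):
                fields = line.split(sep)[1:]
            continue
        if fields is None:
            raise ValueError("data row before #fields header")
        values = line.split(sep)
        if len(values) != len(fields):
            raise ValueError(f"column count mismatch: {line!r}")
        records.append({k: (None if v == unset else v)
                        for k, v in zip(fields, values)})
    return records


def triage(records: Iterable[Record], intel: Dict[str, str],
           sources: Set[str] = TRIAGE_SOURCES) -> Dict[str, List[str]]:
    """Bucket file records by fuid.

    known_bad: a digest matches local intel (alert; no sandbox run needed)
    submit:    extracted to disk from a triaged source, digest unknown
    skip:      not extracted, or from a source outside the triage set
    """
    out: Dict[str, List[str]] = {"known_bad": [], "submit": [], "skip": []}
    for r in records:
        digests = [d for d in (r.get("sha256"), r.get("md5")) if d]
        hit = next((intel[d] for d in digests if d in intel), None)
        if hit is not None:
            out["known_bad"].append(r["fuid"])
        elif r.get("source") in sources and r.get("extracted"):
            out["submit"].append(r["fuid"])
        else:
            out["skip"].append(r["fuid"])
    return out


def submission_paths(records: Iterable[Record], fuids: List[str],
                     extract_dir: str = "./extract_files") -> List[str]:
    """Paths to hand to the sandbox. The extraction directory is an
    assumption; set it to whatever FileExtract::prefix is on the sensor."""
    wanted = set(fuids)
    return [os.path.join(extract_dir, r["extracted"])
            for r in records if r["fuid"] in wanted and r.get("extracted")]


if __name__ == "__main__":
    recs = parse_bro_log(SAMPLE_FILES_LOG)
    result = triage(recs, LOCAL_INTEL)
    for bucket, fuids in result.items():
        print(bucket, fuids)
    print(submission_paths(recs, result["submit"]))
```

The script tails nothing and calls no sandbox: it returns the list of extracted files whose digests are unknown, so the sandbox client (local or remote) and the alerting path for known-bad matches can be plugged in without touching the parsing. Restricting submissions by `mime_type` (executables, documents, archives) is a one-line filter on the `submit` branch if sandbox capacity is tight.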