[Bro] Bro Script to detect plain text passwords?
anthony.kasza at gmail.com
Tue Nov 4 16:32:02 PST 2014
Absolutely. This is something well suited for Bro's policy scripts.
On Nov 4, 2014 3:45 PM, "Jeff Hammett" <jeff at jeffhammett.com> wrote:
> I recently demo’d Tenable’s Passive Vulnerability Scanner, but found that
> it wasn’t a good fit for my environment. However it did have one nice
> feature I liked, the ability to detect passwords sent in plain text.
> Does Bro have this functionality? Or would it be feasible to write a
> script to do so? (I haven’t written any scripts yet, but am interested).
> I think I would be most interested in detecting plain text passwords used
> for http logins, but wouldn’t mind monitoring for other protocols as well.
> Bro mailing list
> bro at bro-ids.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro