[Bro] Bro Script to detect plain text passwords?

anthony kasza anthony.kasza at gmail.com
Tue Nov 4 16:32:02 PST 2014

Absolutely. This is something well suited for Bro's policy scripts.

On Nov 4, 2014 3:45 PM, "Jeff Hammett" <jeff at jeffhammett.com> wrote:

> I recently demo’d Tenable’s Passive Vulnerability Scanner, but found that
> it wasn’t a good fit for my environment. However it did have one nice
> feature I liked, the ability to detect passwords sent in plain text.
> Does Bro have this functionality? Or would it be feasible to write a
> script to do so? (I haven’t written any scripts yet, but am interested).
> I think I would be most interested in detecting plain text passwords used
> for http logins, but wouldn’t mind monitoring for other protocols as well.
> Jeff
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20141104/46a3a513/attachment.html 

More information about the Bro mailing list