[Bro] Extract complete files
franky.meier.1 at gmx.de
Wed May 13 07:46:00 PDT 2015
it's hard to help without any context, so just some hints: It took me
some time to find the -C switch to ignore wrong checksums in bro.
Without it the traffic did not reach the extraction layer. Also it's
always a good idea to compare bro with other tools. Make sure wireshark
does show the complete http session.
On Di, Mai 12, 2015 at 7:12 , Albert Zaharovits
<albert.zaharovits at gmail.com> wrote:
> I am experimenting with the Files framework in bro 2.4 beta. I would
> like to extract HTTP files, *without* missing_bytes.
> Can anyone please help me on this?
> Bro mailing list
> bro at bro-ids.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro