[Bro] SFTP analysis
js688886 at gmail.com
Mon Apr 11 13:21:39 PDT 2016
There is a builtin script /bro/frameworks/logging/postprocessors/sftp.bro.
Can that be used and how? Thanks.
On Fri, Apr 1, 2016 at 1:52 AM, Johanna Amann <johanna at icir.org> wrote:
> Hello John,
> On Thu, Mar 31, 2016 at 09:25:42AM -0700, john smith wrote:
> > Does anyone know if Bro supports SFTP? Thanks in advance.
> Bro supports and gives information about SSH; since SFTP traffic is just
> encapsulated inside the encrypted SSH session, there is not really much
> more that we can do.
> I hope this helps,
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro