[Bro] New layer 2 analyzer
brot212 at googlemail.com
Mon Oct 3 04:14:30 PDT 2016
I want to write an analyzer to detect EtherCat traffic, which is
encapsulated in layer 2 (like ARP). I wanted use the BinPAC language to
create this analyzer, but I found out that BinPAC only supports
protocols that areencapsulated in TCP/UDP. (correct me if I'm wrong :-) )
Now I'm thinking about writing that analyzer without BinPAC, but I'm not
really sure where to start. Can anyone give me a few hints or could tell
me his/her experience in writing a new protocol analyzer with C++ for Bro?
Thank you and have a nice day!
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro