[Bro] How to detect transparent proxy by BRO IDS (2.4.1)
hms.uet at gmail.com
Sun Oct 23 21:36:08 PDT 2016
Our network administrator is using proxy in transparent mode (SQUID). In
this mode , there is no need for user to configure proxy option on his
computer. I have captured few hours traffic via tcpdump and when I run bro,
to know about http trafffic and defferent apps used (like google, youtube
etc.). I am amazed to know that there is even not http.log and
app_stats.log files generated. Is it some problem in bro configuration. I
have searched from its manual, infomation given about proxy could not solve
my problem. I have checked load_scripts.log. I shows that http analyzer is
Can you please guide me about this issue ?
Hafiz Muhammad Shafiq
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro