[Bro] Help with Bro source code
ysrivas at ncsu.edu
Fri Oct 28 05:33:50 PDT 2016
I now have a basic understanding having gone through anthony kasza's blog.
Can someone please help me with any kind of material/slides for
understanding bro source code?
Any other help/source would really help me a lot!
On Thu, Oct 27, 2016 at 5:56 PM, anthony kasza <anthony.kasza at gmail.com>
> Hi Yagyesh,
> I wrote a blog about what I found while first exploring Bro's code base. I
> hope you find it helpful.
> On Oct 27, 2016 3:46 PM, "Yagyesh Srivastava" <ysrivas at ncsu.edu> wrote:
>> I am trying to understand the bro events engine for HTTP.
>> I see that the code has two places where http is handled:
>> 1) build/src/protocol/http (files like events.bif.cc , events.bif.init.cc
>> and functions.bif.cc)
>> 2) src/protocol/http (files like HTTP.CC)
>> I am guessing the first one is the event engine and the second one is for
>> handling the incoming HTTP packets. is that correct?
>> Does anyone know of a runtime analysis tool which would be helpful in
>> this case?
>> How do we generally go about to understand bro's code base, i am just a
>> beginner at this.
>> Would really appreciate all the help.
>> Bro mailing list
>> bro at bro-ids.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Bro