[Bro] Layer 7 DoS attacks

Seth Hall seth at corelight.com
Mon Apr 17 10:24:48 PDT 2017

D'oh!  Sorry, I ran a version I have on my laptop which was updated.  I attached the version of the script that works now...

-------------- next part --------------
A non-text attachment was scrubbed...
Name: http-DoS-detector.bro
Type: application/octet-stream
Size: 2478 bytes
Desc: not available
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20170417/555003c8/attachment.obj 
-------------- next part --------------


> On Apr 17, 2017, at 1:10 AM, RoM <theomnipotentyouth at gmail.com> wrote:
> Hi all,
> I saw an interesting post (http://mailman.icsi.berkeley.edu/pipermail/bro/2012-January/004508.html)about detecting layer 7 DoS attack using Bro, there was a script written by Seth Hall(seth at corelight.com)(http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20120109/84fdf6c0/attachment.obj), but the script won't work in the new version of Bro, so I was wondering if anyone had any idea on how to do it in Bro 2.5?
> Thanks for any feedback in advance!
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro

Seth Hall * Corelight, Inc * seth at corelight.com * www.corelight.com

More information about the Bro mailing list