[Bro] Community source for rules

matthieu matthieu at treussart.com
Tue Oct 10 11:43:23 PDT 2017

Thank you for your reply.

Yes I know snort2bro, but I use Snort or Suricata for this rules.
I was hoping there was a Bro rules contribution available on the Internet.
Generic rules that answer to the actuality like WannaCry (SMB) …


> On 10 Oct 2017, at 14:36, fatema bannatwala <fatema.bannatwala at gmail.com> wrote:
> Hi Matthieu,
> I am not aware of any source available for Bro signatures (rules, if that's what you meant),
> however, there used to be a script snort2bro that converted snort signatures/rules to corresponding Bro sigs, but not maintained anymore.
> Not sure what you are looking to solve, but if you know what you are searching for in your traffic,
> then you might want to take a look at the Bro's Signature Language, to write your own signatures.
> Here's the link: https://www.bro.org/sphinx/frameworks/signatures.html <https://www.bro.org/sphinx/frameworks/signatures.html>
> Hope this helps.
> -Fatema

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20171010/90613354/attachment.html 

More information about the Bro mailing list