[Bro] A little more confusion with Intel
Azoff, Justin S
jazoff at illinois.edu
Thu Jan 18 10:13:11 PST 2018
> On Jan 18, 2018, at 1:06 PM, James Lay <jlay at slave-tothe-box.net> wrote:
> Here too, is there something I'm missing? In testing a different packet captures using TCP, I get intel...so does the Intel framework not support UDP? Thank you.
The intel framework doesn't know anything about tcp or udp. The default scripts for connections only alert on tcp connections though:
More information about the Bro