[Bro-Dev] [JIRA] (BIT-1444) Connection logging for ESP
Seth Hall (JIRA)
jira at bro-tracker.atlassian.net
Tue Sep 8 18:32:00 PDT 2015
[ https://bro-tracker.atlassian.net/browse/BIT-1444?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=22011#comment-22011 ]
Seth Hall commented on BIT-1444:
--------------------------------
Great, thanks! We didn't assign a "fix version" to this ticket because we don't know when someone will be able to take it on, but we are interested in improving how we handle unknown traffic.
> Connection logging for ESP
> --------------------------
>
> Key: BIT-1444
> URL: https://bro-tracker.atlassian.net/browse/BIT-1444
> Project: Bro Issue Tracker
> Issue Type: New Feature
> Components: Bro
> Reporter: Jimmy Jones
> Assignee: Vlad Grigorescu
> Priority: Low
>
> I'd like to be able to track ESP (IPSec) connections in conn.log. Although ESP is encrypted, the ability to track volumes and pattern of life etc would be beneficial when doing intrusion analysis.
--
This message was sent by Atlassian JIRA
(v7.0.0-OD-04-018#70102)
More information about the bro-dev
mailing list