[Bro-Dev] OpenFlow Analyzer
Slagell, Adam J
slagell at illinois.edu
Mon Oct 17 12:47:54 PDT 2016
I get you now. I am not aware of an open flow protocol analyzer in Bro.
> On Oct 17, 2016, at 2:45 PM, Hui Lin (Hugo) <hlin33 at illinois.edu> wrote:
>
> Actually, netcontrol is what I thought of as northbound APIs. I actually just wonder whether Bro has analyzer for openflow protocol or not (some refer them as southbound traffics). It not, I probably need to use wireshark to output the pcap and analyze them manually.
>
> On Mon, Oct 17, 2016 at 2:37 PM, Slagell, Adam J <slagell at illinois.edu <mailto:slagell at illinois.edu>> wrote:
> Have you looked at the netcontrol framework in Bro, developed by Johanna?
>
>> On Oct 17, 2016, at 2:24 PM, Hui Lin (Hugo) <hlin33 at illinois.edu <mailto:hlin33 at illinois.edu>> wrote:
>>
>> Hi
>>
>> My understanding is that Bro has some northbound API to openflow switches or controllers. I am wondering whether any development branch has analyzer of openflow controllers. Just try to see whether I can use Bro to analyze some controller-to-switch traffics.
>>
>> Best,
>>
>> Hui
>>
>>
>> --
>> Hui Lin
>> Ph.D. Candidate (http://hlin33.web.engr.illinois.edu/ <http://hlin33.web.engr.illinois.edu/>)
>> DEPEND (http://depend.csl.illinois.edu/ <http://depend.csl.illinois.edu/>)
>> ECE, Uni. of Illinois at Urbana-Champaign
>>
>> _______________________________________________
>> bro-dev mailing list
>> bro-dev at bro.org <mailto:bro-dev at bro.org>
>> http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev <https://urldefense.proofpoint.com/v2/url?u=http-3A__mailman.icsi.berkeley.edu_mailman_listinfo_bro-2Ddev&d=DQMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=gMEsgy9kNQo7aTfyIJsOSuw4Z57hfQyz6uV2H4S9PvE&m=6uypPBIs5nv0peW6XK_o8f3Tu4OHNbnBILH4E2KzmI0&s=S1oVBNplwXmgrFjCjOVpo2f7jqaRkA83lof6A3C0K3c&e=>
>
> ------
>
> Adam J. Slagell
> Chief Information Security Officer
> Director, Cybersecurity Division
> National Center for Supercomputing Applications
> University of Illinois at Urbana-Champaign
> www.slagell.info <https://urldefense.proofpoint.com/v2/url?u=http-3A__www.slagell.info&d=DQMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=gMEsgy9kNQo7aTfyIJsOSuw4Z57hfQyz6uV2H4S9PvE&m=6uypPBIs5nv0peW6XK_o8f3Tu4OHNbnBILH4E2KzmI0&s=si3U_XSgz2LTo9UrJ_nkxfh3RIFE1cVuMrTHK3PX6Sk&e=>
>
> "Under the Illinois Freedom of Information Act (FOIA), any written communication to or from University employees regarding University business is a public record and may be subject to public disclosure."
>
>
>
>
>
>
>
>
>
>
>
> --
> Hui Lin
> Ph.D. Candidate (http://hlin33.web.engr.illinois.edu/ <http://hlin33.web.engr.illinois.edu/>)
> DEPEND (http://depend.csl.illinois.edu/ <http://depend.csl.illinois.edu/>)
> ECE, Uni. of Illinois at Urbana-Champaign
>
------
Adam J. Slagell
Chief Information Security Officer
Director, Cybersecurity Division
National Center for Supercomputing Applications
University of Illinois at Urbana-Champaign
www.slagell.info
"Under the Illinois Freedom of Information Act (FOIA), any written communication to or from University employees regarding University business is a public record and may be subject to public disclosure."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.icsi.berkeley.edu/pipermail/bro-dev/attachments/20161017/0b118ff0/attachment-0001.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3579 bytes
Desc: not available
Url : http://mailman.icsi.berkeley.edu/pipermail/bro-dev/attachments/20161017/0b118ff0/attachment-0001.bin
More information about the bro-dev
mailing list