Attack example

Vern Paxson vern at ee.lbl.gov
Thu Sep 6 13:13:02 PDT 2001


> I am running Bro0.7a73 system in a single machine and preparing to carry out
> some experiments. Who can explain the attack examples included in the Bro
> packet?

I'm not sure what you're asking here.  One of them is a trace of an
FTP "site exec" attack, the other of an NTP overflow attack.

> BTW, are there some help documents available for Tcpdump and Bro? I mean
> some fundamental aspects.

For tcpdump, only "man tcpdump".  For Bro, see the doc/ subdirectory.

		Vern
