Getting matched substrings ???
Robin Sommer
sommer at in.tum.de
Wed Apr 7 00:38:57 PDT 2004
On Wed, Apr 07, 2004 at 09:17 +0200, Yohann Thomas wrote:
> *To sum up, I'd like to get some hosts characteristics like : *this host
> (IP@ W.X.Y.Z) is now running Apache 1.3.29*.
This sounds exactly like what software.bro is doing. Have you tried
that? (You also need to load http-reply.bro as it doesn't use the
signature engine but the HTTP decoder).
Robin
--
Robin Sommer * Room 01.08.055 * www.net.in.tum.de
TU Munich * Phone (089) 289-18006 * sommer at in.tum.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20040407/e74b66f4/attachment.bin
More information about the Bro
mailing list