[Bro] flow-level analysis code
Anton Chuvakin, Ph.D.
anton at netForensics.com
Fri Dec 17 11:32:32 PST 2004
> I use Netflow every day and it may be a good thing to use it inside Bro.
> Who's interested on this topic ?
> I think i (we) may start something.
I am very interested, but it seems that it is somewhat outside the scope
of Bro as a classic NIDS. Reading netflow will make no sense (for Bro)
since there is no packet contents.
Best,
--
Anton Chuvakin, Ph.D., GCIA, GCIH - http://www.info-secure.org
Author of "Security Warrior" from O'Reilly - http://www.securitywarrior.com
Chief Security Strategist
Product Management Group
netForensics - http://www.netForensics.com
**************************************************************************************************
The contents of this email and any attachments are confidential.
They are intended for the named recipient(s) only.
If you have received this email in error please notify the system manager or the
sender immediately and do not disclose the contents to anyone or make copies.
** netForensics has scanned this email for viruses, vandals and malicious content. **
**************************************************************************************************
More information about the Bro
mailing list