[Bro] tcpdump -w
Angelita de Cássia Corrêa
angelita at uol.com.br
Thu Jun 16 05:56:22 PDT 2005
Holger,
I checked the $BROPATH and it is the same that I showed you.
echo $BROPATH
/usr/local/bro/policy:/usr/local/bro/site
I don't know why the bro don't capture mys tests.
Could you give me an opinion what kind of test I'd have to do to test the
bro, to see if it is functioning correctly.
Tks
Angelita
----- Original Message -----
From: "Holger Dreger" <hdreger at net.in.tum.de>
To: "Angelita de Cássia Corrêa" <angelita at uol.com.br>
Cc: <Bro at bro-ids.orgBro@bro-ids.org>
Sent: Wednesday, June 15, 2005 4:46 PM
Subject: Re: [Bro] tcpdump -w
On 15.06.2005 at 16:39 Angelita de Cássia Corrêa wrote:
> I used those commands:
>
> BROHOME=/usr/local/bro
> BROPATH=/usr/local/bro/policy:/usr/local/bro/site
>
> When I tried this command: "bro -r /home/xxxx/tcpdump.teste scan" , I
> received this message:
> line 1: error: can't open bro.init
This error usually indicates that the $BROPATH variable does not point
to the policy directory (where, among others, the file bro.init is
located).
Hope this helps,
Holger
Holger Dreger ** http://www.net.in.tum.de ** Tel.: +49 (0)89 289-18006
Lehrstuhl fuer Netzwerkarchitekturen, Technische Universitaet Muenchen
More information about the Bro
mailing list