[Bro] Bro output on DARPA data set

salom123 at ok.kz salom123 at ok.kz
Wed May 17 08:44:48 PDT 2006


Hi All,

I just wanted to know if someone has run Bro on DARPA 1999 Training week 1 and 2 data (only inside and outside tcpdump files)? The problem is that week 1 does not contain any attacks, but week 2 contains labeled attacks. I am checking the Bro output (alarm.log file) and see none of the labeled attacks... Please, help me to understand the Bro output? May be I am writing somethings wrongly...? Thanks in advance.

regards




More information about the Bro mailing list