[Bro] need help on bro
jean-philippe luiggi
jp.luiggi at free.fr
Thu Nov 8 04:42:37 PST 2007
Hello,
The "anomaly detection" idea isn't so easy to both
understand and use.
If one disregards concepts as neural networks, SOM, etc. it would
already be necessary to define what is the normality from a network
point of view, which is normal for then giving alarms on what leaves the
framework.
Best regards,
Jean-philippe.
On Wed, 7 Nov 2007 20:35:56 -0500 "kanthi myneni"
<kanthimyneni at gmail.com> wrote:
> Thanks for reply.
>
> Actually very recently I started bro on linux. Its working with
> installing some missed packages. I am enthusiastic to know how is it
> working.
>
> Yeah I mean about anomaly detection. This must have been done based on
> some site policies right. What are those policies based on. Like they
> vary from site to site right. How those are taken.
>
> Thanks&Regards,
> Kanthi Myneni.
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>
>
>
>
>
> !DSPAM:1,47326ac9157913708835974!
More information about the Bro
mailing list