[Bro] getting raw bytes?
Dan Klinedinst
dklinedinst at lbl.gov
Wed Aug 10 09:50:08 PDT 2011
On Wed, Aug 10, 2011 at 12:39 PM, Seth Hall <seth at icir.org> wrote:
>
> Signatures are implicitly anchored at the beginning of the stream. :)
Awesome! Regex on binary data, I love it! Thanks Seth.
BTW, everyone, I used Bro to process wifi traffic at DefCon this past
weekend and got almost as many questions about Bro as I did about my
viz software. I expect you'll see a bunch of downloads this week....
:-)
Dan
--
Dan Klinedinst
Lawrence Berkeley National Laboratory
510.486.4219
dklinedinst at lbl.gov
More information about the Bro
mailing list