[Bro] using Bro as traffic analyzer.

James Swaro james.swaro at gmail.com
Mon Dec 5 22:37:58 PST 2011


On Mon, Dec 5, 2011 at 10:51 PM, Vern Paxson <vern at icir.org> wrote:

> > If you need more detailed information, I am currently working on an
> > analyzer for Bro that attempts to give more detailed information about
> the
> > retransmission behavior of a TCP connection as part of on-going research.
>
> You should for sure contact Katrina LaCurts <katrina at csail.mit.edu>,
> who did an internship with us working on integrating this sort of analysis
> into Bro.
>
>                Vern
>

I've actually seen quite a bit of her work that she emailed to me last
year. It was a phenomenal base for what I've tried to expand upon. I'd be
eager to see if there had been further developments with it aside from what
I've seen in the development branch.

Katrina could give a more accurate description of the stats analyzer than
perhaps I could.
-- 
James Swaro*
*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20111206/82c05f8b/attachment.html 


More information about the Bro mailing list