[Bro] nprobe, ngrep, tcpdump and tcpflow -like behavior of BRO ids?
Seth Hall
seth at icir.org
Mon Dec 12 07:19:05 PST 2011
On Dec 12, 2011, at 4:29 AM, Panos Sakkos wrote:
> I want to ask you if BRO ids can totally replace the following software:
>
> • nprobe
> • ngrep
> • tcpdump
> • and tcpflow
Instead of pointing to tools and asking if Bro can replace them, could you explain tasks you need to accomplish with a network monitoring tool? All of those tools have a lot of functionality and Bro certainly doesn't implement every bit of functionality they have. :)
.Seth
--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro-ids.org/
More information about the Bro
mailing list