[Bro] Signature payload matching
Rodrigue ALAHASSA
rodrigue.alahassa at gmail.com
Tue Jul 5 14:06:27 PDT 2011
Hi all,
I'm working for automation of signature generation for Bro from pcap trace
files.
I would like to know if the matching of the payload as a condition is done
against all the session data or more like per packet matching.
Thanks
--
Rodrigue ALAHASSA
Royal Military Academy, Brussels
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20110705/f1c6a614/attachment.html
More information about the Bro
mailing list