[Bro] Bro and ICMP
Seth Hall
seth at icir.org
Fri Jun 24 06:23:55 PDT 2011
On Jun 24, 2011, at 9:15 AM, Dan Wyschogrod wrote:
> Several of us in the Cyber Security group at BBN are beginning to explore Bro for use in one of our projects.
Cool!
> Is there active work going on in detecting ICMP irregularities using Bro?
Not too actively, but I'm deep in the midst of a complete shipped-scripts rewrite. I have a new ICMP script mostly done, but I was a little lost about where to go with it. Any clues would be greatly appreciated.
> Is there any interest in contributions to Bro of some ICMP sensors we've begun working on?
Absolutely.
.Seth
--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro-ids.org/
More information about the Bro
mailing list