[Bro] Netflow and Bro

Harish kanakaraju harish_64 at yahoo.com
Sat Nov 26 21:43:55 PST 2011


Hi,

I am new to Bro IDS,  I wanted to know if Bro can be used to detect portscan or Denial of service using the netflow data collected from a router. 
If yes,  I am able to use bro as netflow collector now but i am unable to proceed after this point. Should I use the existing scripts on the netflow data to detect the the threats ? or should i write my own scripts?

Regards,
Harish




More information about the Bro mailing list