[Bro] Emerging Threats signatures on Bro ids ?
rmkml
rmkml at yahoo.fr
Mon Aug 13 14:33:03 PDT 2012
ok Im look on user-agent ET sigs.
Regards
Rmkml
On Mon, 13 Aug 2012, Seth Hall wrote:
>
> On Aug 13, 2012, at 12:38 PM, rmkml at yahoo.fr wrote:
>
>> This is why I need feedback please.
>
> Oh! I forgot to include an alternate approach I thought of. If you are still interested in going down this route, could you start by pulling out malicious software user-agents from the ET signatures?
> That's something that would fit well and easily into Bro right now and into the intelligence framework in the future.
>
> What do you think about that? We can certainly start small with very well defined goals and move from there.
>
> .Seth
>
> --
> Seth Hall
> International Computer Science Institute
> (Bro) because everyone has a network
> http://www.bro-ids.org/
>
>
More information about the Bro
mailing list