[Bro] Question about data format of ssl.log files
Seth Hall
seth at icir.org
Thu Feb 21 08:07:34 PST 2013
On Feb 20, 2013, at 9:55 PM, Seth Hall <seth at icir.org> wrote:
> On Feb 20, 2013, at 5:01 PM, Tim Ray <tray at 21ct.com> wrote:
>
>> So, the APT1 report has the certs in text format. Does Bro use that? Or is
>> it all in DER?
And I just realized there is a problem now that I look at the data. Mandiant didn't distribute hashes for any of the certificates. :(
.Seth
--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro-ids.org/
More information about the Bro
mailing list