[Bro] connection states
Alex Waher
alexwis at gmail.com
Sun Jul 21 10:35:17 PDT 2013
http://www.bro-project.org/sphinx-git/scripts/base/protocols/conn/main.html
On Jul 21, 2013 10:20 AM, "Laleh Arshadi" <la_arshadi at yahoo.com> wrote:
> Hi Ron
>
> Thanks for the link but unfortunately it does not contain all the
> information I am looking for.
>
> L. Arshadi
>
>
> FYI
>
> I found the below link.
>
>
> Thanks
>
>
> http://www.icir.org/robin/rwth/bro-tour.pdf
>
>
>
> Ron Jenkins (SnortCP, VCP (3/4), MCNE, CNE6, MCP,CCNA)
>
>
>
> Dear all,
>
> Seems that Bro classifies connections into a number of states in its
> "connection summaries" log files. States such SF, REJ, etc. upon which it
> then classifies the connection into one of the three states "good", "bad'
> or "unkown". I was wondering if one could give me a direct pointer to a
> reference in which these states are discussed thoroughly.
>
> Regards
> L. Arshadi
>
>
>
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20130721/7afb03c9/attachment.html
More information about the Bro
mailing list