[Bro] match on dns "malicious domain" and old browsers

John Babio jbabio at po-box.esu.edu
Thu Nov 7 11:49:59 PST 2013

Previous message: [Bro] Bro 2.2 has arrived
Next message: [Bro] Bro and Counting DNS rcodes
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Are there any scripts created already for matching and generating a notice
based on bad domains being queried? Also, I create a signature for
matching against a user agent string but I see this info is already pulled
in the logs. How can I create a notice for matching against something like
IE 6 being used?

Previous message: [Bro] Bro 2.2 has arrived
Next message: [Bro] Bro and Counting DNS rcodes
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Bro mailing list