[Bro] Bro's capabilities

Savakh S sovakah at gmail.com
Wed Dec 10 14:25:16 PST 2014


Hi all,

I have a question about Bro's capabilities.
Could you please detail how Bro works? I know Bro has "protocol analysis"
capabilities for some protocols and is a "behavior-based" IDS.
If I understand correctly, Bro can learn the way a network is used (like
machine learning) and then dissect all the protocols it can parse (http,
ftp, ...) to see if the field values of these protocols were recorded during
the learning phase?

Thanks for your answers.