[Bro] General questions about Bro's capabilities
anthony kasza
anthony.kasza at gmail.com
Sun Dec 28 15:43:24 PST 2014
Bro has an understanding of many of the more popular layer 7 protocols and
is able to generate logs based on what it sees.
One rather simple way to create a baseline for a network could be to
monitor the network for a period of time and observe the logs Bro generates.
-AK
On Dec 28, 2014 9:01 AM, "Savakh S" <sovakah at gmail.com> wrote:
> Hello,
>
> How can Bro be used to set a network profile and works as a behavior IDS ?
> Does Bro need to understand L7 protocols ? Is it compulsory ? If not, what
> would be its capabilities ?
>
> Thank for your answers.
>
> Regards.
>
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20141228/92eca383/attachment.html
More information about the Bro
mailing list