[Bro] Fwd: Bro Anomaly Detection
Mr Smith
engineer.demo2020 at gmail.com
Thu Feb 13 22:02:31 PST 2014
Hi, I have two questions regarding the Bro anomaly detection capability.
1.How does the Bro detect anomalies? Using writing rules(anomaly rules) or
using a separate module ?
2.Is it possible to run the signature-based and anomaly-based parts of Bro
separately?
I mean, can the Bro be used only for the detection of anomalies.If it is
possible, how?
Thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20140214/ad497ea8/attachment.html
More information about the Bro
mailing list