[Bro] complete analysis system for detecting malware

John Zhang kingzyycn at gmail.com
Tue Jan 14 09:46:13 PST 2014


Hi all,

Actually I am planning one complete analysis system (long term) for
detecting and tracing malware and other threats. It can do:
1. live capture of full-content network traffic (up to several GBs)
2. extract files and contents from the traffic, especially the contents in
http, ftp and email traffic
3. send these contents to a local sandbox, or to a remote sandbox service,
for checking; or check them against external threat intelligence.

Could you help recommend some tools for the above jobs?

I do need the experience, suggestions and comments from you all.

Thank you !

Regards,
John
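Added example for this thread, not code from the original post or from the Bro project itself: a Bro 2.2-style script covering steps 2 and 3 of the pipeline described above, extracting files carried over HTTP, FTP and SMTP to disk (for hand-off to a sandbox) and hashing them so the Intel framework can match them against FILE_HASH indicators. It assumes an Intel feed containing file hashes has already been loaded with Intel::read_files, that the output directory named by FileExtract::prefix is writable by the Bro process, and it mirrors what policy/frameworks/intel/seen/file-hashes.bro does, so do not load both or each hit will be reported twice. The module name Triage and the set name sources_of_interest are illustrative choices, not Bro identifiers.

```bro
# Added example (not from the original post or from Bro itself).
# Extract files seen on HTTP/FTP/SMTP and check their SHA-256 against Intel.
@load base/files/extract
@load base/files/hash
@load base/frameworks/intel

module Triage;

export {
	## Values of fa_file$source we care about (assumption: these are the
	## source names Bro assigns to HTTP, FTP data and SMTP transfers).
	const sources_of_interest: set[string] = { "HTTP", "FTP_DATA", "SMTP" } &redef;
}

# Extracted files are written under FileExtract::prefix; override it to
# point at the directory your sandbox submitter watches.
redef FileExtract::prefix = "/var/bro/extract_files/";

event file_new(f: fa_file)
	{
	if ( ! f?$source || f$source !in sources_of_interest )
		return;

	# Hash the file so file_hash fires and the Intel framework can match it.
	Files::add_analyzer(f, Files::ANALYZER_SHA256);

	# Write the reassembled file to disk; name it by protocol and file id so
	# the sandbox submitter can trace a verdict back to files.log.
	local fname = fmt("%s-%s", f$source, f$id);
	Files::add_analyzer(f, Files::ANALYZER_EXTRACT,
	                    [$extract_filename=fname]);
	}

event file_hash(f: fa_file, kind: string, hash: string)
	{
	if ( kind != "sha256" )
		return;

	# Report the hash to the Intel framework; a match against a loaded
	# FILE_HASH indicator produces an Intel::match notice/log entry.
	Intel::seen([$indicator=hash,
	             $indicator_type=Intel::FILE_HASH,
	             $f=f,
	             $where=Files::IN_HASH]);
	}
```

The extraction step has no size limit in this snippet, so on a multi-gigabit link the extract directory fills quickly; in practice you would gate extraction on f$mime_type (executables, archives, documents) and use the Intel match as the trigger for sandbox submission rather than submitting everything. Submission to the sandbox itself is outside Bro: a separate process watching the extract directory is the usual arrangement.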

