[Bro] complete analysis system for detecting malware

Richard Bejtlich taosecurity at gmail.com
Tue Jan 14 09:56:49 PST 2014


FireEye?

Sorry, I couldn't resist...

Richard

On Tue, Jan 14, 2014 at 12:46 PM, John Zhang <kingzyycn at gmail.com> wrote:
> Hi all,
>
> Actually, I am planning a complete analysis system (long term) for detecting
> and tracing malware and other threats. It can do:
> 1. live capture of full-content network traffic (up to several GBs)
> 2. extraction of files and contents from traffic, especially the contents in
> HTTP, FTP and email traffic
> 3. sending these contents to a local sandbox, or to a remote sandbox service,
> for checking; or checking them against external threat intelligence.
>
> Could you help recommend some tools for the above jobs?
>
> I do need the experience, suggestions and comments from you all.
>
> Thank you!
>
> Regards,
> John
>
>
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
