[Bro] Writing a new analyzer

Thomas, Eric D edthoma at sandia.gov
Tue Mar 25 10:37:55 PDT 2014


Hello, I’d like to write a protocol analyzer, but I don’t know where to begin. Is BinPAC the recommended method? The documentation for BinPAC describes mostly types, so it’s not enough to get me started. I looked at some of the protocols that have .pac files and it’s way over my head at this stage. I found the BinPAC Sample Analyzer, which it appears might be applicable mostly to Bro 1.X. Any other resources that could help?
--
Eric Thomas
edthoma at sandia.gov