[Bro] Parsing Modbus packet with Function code 15

Seth Hall seth at icir.org
Wed May 14 09:24:05 PDT 2014


On May 14, 2014, at 10:40 AM, Robin Sommer <robin at icir.org> wrote:

> On Wed, May 14, 2014 at 03:08 -0700, Vishak Muthukumar wrote:
> 
>> I have a trace file which has a write request to write to coil 0.
>> But when I monitor that trace file in my bro script, I cannot see the coil
>> value. It says the size of the coil vector is empty.
> 
> Iirc, the analyzer doesn't further extract coil values yet.

I was unable to find traffic that dealt with coils so I left that out.  Most of the infrastructure is in place however.  Vishak, can we use the traffic you submitted in our test suite if it works out when we look at it?

  .Seth

--
Seth Hall
International Computer Science Institute
(Bro) because everyone has a network
http://www.bro.org/
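
What extracting the coil values from a function code 15 (Write Multiple Coils) request involves, as an added Python example that is not part of the original thread and is not the Bro analyzer's code. The function name and the two sample frames are constructed for illustration; the field layout follows the public Modbus/TCP specification.

```python
import struct

FC_WRITE_MULTIPLE_COILS = 0x0F
MAX_COILS = 0x07B0  # largest "quantity of outputs" the spec allows for FC 15


def parse_write_multiple_coils(adu: bytes) -> dict:
    """Decode one Modbus/TCP FC 15 request and return its coil values."""
    if len(adu) < 13:  # 7-byte MBAP header + 6 fixed PDU bytes
        raise ValueError("frame too short for an FC 15 request")
    tid, proto, length, unit = struct.unpack(">HHHB", adu[:7])
    func, start, quantity, byte_count = struct.unpack(">BHHB", adu[7:13])
    if proto != 0:
        raise ValueError("protocol id is not 0 (Modbus)")
    if func != FC_WRITE_MULTIPLE_COILS:
        raise ValueError("not function code 15")
    if not 1 <= quantity <= MAX_COILS:
        raise ValueError("quantity of outputs out of range")
    # Coils are packed eight per byte, so the byte count is fixed by quantity.
    if byte_count != (quantity + 7) // 8:
        raise ValueError("byte count does not match quantity")
    # MBAP length counts everything after itself: unit id + PDU.
    if length != 7 + byte_count or len(adu) != 6 + length:
        raise ValueError("length fields disagree with frame size")
    data = adu[13:]
    # Bit 0 of the first data byte is the coil at the starting address.
    coils = [bool((data[i >> 3] >> (i & 7)) & 1) for i in range(quantity)]
    return {"transaction": tid, "unit": unit, "start": start, "coils": coils}


# Constructed frame: write a single coil at address 0, value ON.
SAMPLE_COIL_0 = bytes.fromhex("0001 0000 0008 01 0f 0000 0001 01 01")
# Constructed frame: ten coils from address 0x0013, data bytes CD 01.
SAMPLE_TEN = bytes.fromhex("0002 0000 0009 01 0f 0013 000a 02 cd01")

if __name__ == "__main__":
    for frame in (SAMPLE_COIL_0, SAMPLE_TEN):
        print(parse_write_multiple_coils(frame))
```
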
