[Bro] Bro Script to detect plain text passwords?
anthony kasza
anthony.kasza at gmail.com
Tue Nov 4 16:32:02 PST 2014
Absolutely. This is something well suited for Bro's policy scripts.
-AK
On Nov 4, 2014 3:45 PM, "Jeff Hammett" <jeff at jeffhammett.com> wrote:
> I recently demo’d Tenable’s Passive Vulnerability Scanner, but found that
> it wasn’t a good fit for my environment. However it did have one nice
> feature I liked, the ability to detect passwords sent in plain text.
>
> Does Bro have this functionality? Or would it be feasible to write a
> script to do so? (I haven’t written any scripts yet, but am interested).
>
> I think I would be most interested in detecting plain text passwords used
> for http logins, but wouldn’t mind monitoring for other protocols as well.
>
> Jeff
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20141104/46a3a513/attachment.html
More information about the Bro
mailing list