[Bro] Bro Script to detect plain text passwords?
Nick Pratley
npratley at redhat.com
Tue Nov 4 18:25:51 PST 2014
An example of detecting HTTP basic authentication is given here:
http://ryesecurity.blogspot.com.au/2012/05/learning-bro-scripting-language.html
On 11/05/2014 10:32 AM, anthony kasza wrote:
> Absolutely. This is something well suited for Bro's policy scripts.
>
> -AK
>
> On Nov 4, 2014 3:45 PM, "Jeff Hammett" <jeff at jeffhammett.com <mailto:jeff at jeffhammett.com>> wrote:
>
> I recently demo’d Tenable’s Passive Vulnerability Scanner, but found that it wasn’t a good fit
> for my environment. However it did have one nice feature I liked, the ability to detect
> passwords sent in plain text.
>
> Does Bro have this functionality? Or would it be feasible to write a script to do so? (I haven’t
> written any scripts yet, but am interested).
>
> I think I would be most interested in detecting plain text passwords used for http logins, but
> wouldn’t mind monitoring for other protocols as well.
>
> Jeff
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org <mailto:bro at bro-ids.org>
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>
>
>
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>
More information about the Bro
mailing list