[Bro] BitTorrent protocol analyzer help

Nick Pratley npratley at redhat.com
Mon Oct 6 19:07:35 PDT 2014


Hi, I need some help with the BitTorrent protocol analyzer. My aim is to log info_hash values for
files downloaded over BitTorrent.

I can see BitTorrent-related events in base/bif/plugins/Bro_BitTorrent.events.bif.bro, but these
events don't seem to be getting raised. I'm testing with a .pcap generated on my laptop while
opening Transmission and starting a Fedora torrent download. I'm running Bro 2.3.1 on RHEL 6,
installed via the RPM.

I'm new to Bro and have been reading a lot of the documentation but I'm still not sure exactly how
I'm supposed to go about achieving this, so if someone could give me a pointer to get started that
would be greatly appreciated.

Thanks,
Nick.


