[Bro] Newbie question on Bro and NetBIOS protocol
fasf safas
silusilusilu at gmail.com
Thu Oct 16 05:18:34 PDT 2014
Hi,
i'm a newbie and i'm studying BRO: i'm using BRO in standard configuration
without any plugin.
I have some problems with NetBIOS protocol: i've executed the test
described below
1. nbtstat "a specific IP": i've obtained the NetBIOS name. Wireshark and
Bro were in background
2. From Wireshark i'm able to see two packets: the first is the NBSTAT name
query, the second one its response.
3. In Bro (under dns.log) i'm able to see only the query, but not its
response...so i'm not able to see the netbios name.
What's wrong?
Thanks in advance,
Alvin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20141016/07a6cac2/attachment.html
More information about the Bro
mailing list