[Bro] Question on file hashes and cyrmu db
Doug Burks
doug.burks at gmail.com
Sun Sep 7 14:40:59 PDT 2014
On Sunday, September 7, 2014, Dave DeChellis <dave at dechellis.com> wrote:
>
> Also, the script seems to work with pcap files that people have provided
> so the network could be the issue but I don't see any signs of packet loss,
> frame errors or other data.
>
>
Hi Dave,
Is it possible that NIC offloading functions are a factor?
http://blog.securityonion.net/2011/10/when-is-full-packet-capture-not-full.html
--
Doug Burks
Need Security Onion Training or Commercial Support?
http://securityonionsolutions.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20140907/f1a043bb/attachment.html
More information about the Bro
mailing list