[Bro] Bro scripts to detect network attacks
Max Feldman
maxfeldman14 at gmail.com
Thu Aug 6 11:15:08 PDT 2015
It looks like there's a syn flood detection script here:
http://www.gnu-darwin.org/www001/src/ports/security/bro/work/bro-1.2.1/policy/synflood.bro
and an arp spoofing detection script here:
https://github.com/maxfeldman14/brospects/blob/master/arpspoof.bro
But I'm not sure if there is anything more up-to-date.
On Wed, Aug 5, 2015 at 6:46 PM, 陈昱竹 <billcyz at gmail.com> wrote:
> Hello
>
> I'm running Bro in my network, and I want to perform attacks to test its
> capabilities and create alert information.
> I choose to use SYN Flood Attack and ARP Spoofing Attack, can anyone tell
> me where to find these scripts?
>
> Any help would be great. Thank You.
>
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>
--
Max Feldman
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150806/4dab928a/attachment.html
More information about the Bro
mailing list