[Bro] Detecting Encryption

Seth Hall seth at icir.org
Mon Aug 24 07:56:19 PDT 2015

> On Aug 24, 2015, at 10:51 AM, nhtvl <bmixonb1 at cs.unm.edu> wrote:
> OK thanks. So I would write my own broscripts to do connection and
> file entropy analysis then right?

These wouldn’t be written as scripts.  Connection and file analyzers needs to be written as plugins or in the core.  They are typically implemented in C++ or BinPAC.


Seth Hall
International Computer Science Institute
(Bro) because everyone has a network

More information about the Bro mailing list