[Bro] Meaning of notices in weird.log

Josh Liburdi liburdi.joshua at gmail.com
Wed Feb 25 10:19:40 PST 2015


I haven't seen a page describing what these mean, but the Bro project
on GitHub is useful for finding this type of info.

If you take any of the strings listed in the actions table in the file
scripts/base/frameworks/notice/weird.bro and search for them on
GitHub, you'll find where the weird is generated from. That should put
you on the right track to figuring out what it means.

https://github.com/bro/bro/search?utf8=%E2%9C%93&q=SYN_seq_jump&type=Code

Josh


On Tue, Feb 24, 2015 at 10:47 PM, Lachlan Kang <td66bshwu at gmail.com> wrote:
> Is there some kind of explanation page that describes the meaning of
> all the different notifications that can be found in weird.log?
> Specifically I want to learn what SYN_seq_jump means.
>
> Thanks.
> _______________________________________________
> Bro mailing list
> bro at bro-ids.org
> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
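
Added example, not part of the original message and not Bro project code: the lookup described in the reply above, done against a local checkout instead of the GitHub search. It assumes the actions table uses entries of the form ["name"] = ACTION_X and that a weird's name appears as a quoted string where it is generated; the function names and the small sample tree are constructed for illustration.

```python
import re
from pathlib import Path

# Matches entries of the actions table, e.g.  ["SYN_seq_jump"] = ACTION_LOG,
ENTRY = re.compile(r'\[\s*"([^"]+)"\s*\]\s*=\s*(ACTION_\w+)')

def weird_names(weird_bro_text):
    """Return {weird name: action} parsed from the text of weird.bro."""
    return dict(ENTRY.findall(weird_bro_text))

def find_weird(name, source_root, suffixes=(".cc", ".h", ".pac", ".bro")):
    """Return (relative path, line number, line) for each quoted use of name."""
    needle = '"%s"' % name
    hits = []
    root = Path(source_root)
    for path in sorted(root.rglob("*")):
        if not path.is_file() or path.suffix not in suffixes:
            continue
        for n, line in enumerate(path.read_text(errors="replace").splitlines(), 1):
            if needle in line:
                hits.append((path.relative_to(root).as_posix(), n, line.strip()))
    return hits

def demo(tmp_dir):
    """Build a tiny constructed tree (not real Bro source) and search it."""
    root = Path(tmp_dir)
    (root / "scripts").mkdir()
    (root / "src").mkdir()
    (root / "scripts" / "weird.bro").write_text(
        'const actions = {\n'
        '\t["SYN_seq_jump"]\t= ACTION_LOG,\n'
        '\t["example_weird"]\t= ACTION_IGNORE,\n'
        '};\n')
    (root / "src" / "Example.cc").write_text(
        'void f()\n{\n\tWeird("SYN_seq_jump");  // constructed call site\n}\n')
    names = weird_names((root / "scripts" / "weird.bro").read_text())
    return names, {n: find_weird(n, root / "src") for n in names}

if __name__ == "__main__":
    import sys, tempfile
    if len(sys.argv) == 3:   # usage: script.py <bro checkout> <weird name>
        for hit in find_weird(sys.argv[2], sys.argv[1]):
            print("%s:%d: %s" % hit)
    else:
        with tempfile.TemporaryDirectory() as d:
            print(demo(d))
```

A name that appears in the table but returns no hits is probably built at runtime rather than written as a literal, so search for a distinctive fragment of it instead.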

