[Bro] How to configure Bro to detect UDP port 53
Qinwen Hu
qhu009 at aucklanduni.ac.nz
Wed Jan 28 15:35:45 PST 2015
Hi all,
I am a new Bro user, I did few experiments to read the same DNS trace file
via Bro online version and Bro from my personal PC. The version number is
2.3.1.
I got some interesting results. the online version checks UDP port 53 5353
and 5355 (port 53 has record). But, the one on my PC only checks port 5353
and 5355(No DNS query print out).
Is this a configuration issue? And is there a way that I can configure my
Bro to check port 53?
Thanks
Steven
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150128/f418e58e/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: No DNS query print out.png
Type: image/png
Size: 76225 bytes
Desc: not available
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150128/f418e58e/attachment.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: port 53 has record.png
Type: image/png
Size: 22362 bytes
Desc: not available
Url : http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150128/f418e58e/attachment-0001.bin
More information about the Bro
mailing list