[Bro] BRO signature
Anshu Sharma
anshu.sh123 at gmail.com
Thu May 21 23:01:48 PDT 2015
Sir/Mam
I am new at bro i have install 2.3.2 . I want to create a signature
framework i have read the document provided on bro website but i cannot
understand how to execute it i.e
signature my-first-sig {
ip-proto == tcp
dst-port == 80
payload /.*root/
event "Found root!"
}
i taken this code from your site but it is not running is it require
addition coding
please tell me what to do now.
thank you
waiting for your early reply
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20150522/62891874/attachment.html
More information about the Bro
mailing list