[Bro] SFTP analysis
john smith
js688886 at gmail.com
Mon Apr 11 13:21:39 PDT 2016
Thanks Johanna!
There is a builtin script /bro/frameworks/logging/postprocessors/sftp.bro.
Can that be used and how? Thanks.
John
On Fri, Apr 1, 2016 at 1:52 AM, Johanna Amann <johanna at icir.org> wrote:
> Hello John,
>
> On Thu, Mar 31, 2016 at 09:25:42AM -0700, john smith wrote:
> > Does anyone know if Bro supports SFTP? Thanks in advance.
>
> Bro supports and gives information about SSH; since SFTP traffic is just
> encapsulated inside the encrypted SSH session, there is not really much
> more that we can do.
>
> I hope this helps,
> Johanna
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.ICSI.Berkeley.EDU/pipermail/bro/attachments/20160411/eabb922f/attachment.html
More information about the Bro
mailing list