[Bro] Integrating WiFi Analyzer within Bro

pratik inamdar pratikinamdar at gmail.com
Fri Mar 25 09:55:25 PDT 2016


Hi,

Thank you for the prompt response!

My task is to write an analyzer in bro using BinPac for an IoT protocol. I
have already written analyzers for application layer protocols namely MQTT
and AMQP.

Now I wish to write an analyzer for an IoT protocol which does not fall in
the application layer.

The IoT protocol should be able to use Bro BinPac language. Could you
please suggest one?

Thanks,
Pratik Inamdar
On Mar 25, 2016 09:48, "Johanna Amann" <johanna at icir.org> wrote:

> Hello Pratik,
>
> I think the answer stays the same - if I understand things correctly, you
> have to implement IEEE 802.15.4, which is a lower level protocol, which
> currently cannot be implemented with just BinPAC and needs core changes
> (probably in src/iosource/Packet.cc and others). There are currently no
> examples for that, besides the existing code.
>
> Johanna
>
> On 25 Mar 2016, at 9:40, pratik inamdar wrote:
>
>> Hi Vlad,
>>
>> Hope you are doing good!
>>
>> I chose to switch the protocol. So now I am writing an analyzer for 6LoWPAN
>> instead of WiFi.
>>
>> Quick question:
>>
>> Will I be able to successfully use BinPac to write an analyzer for 6LoWPAN?
>>
>> Also, if possible, please guide me with some key points to remember while
>> writing analyzer for 6LoWPAN.
>>
>> Your help will be greatly appreciated!
>>
>> Thanks,
>> Pratik Inamdar
>>
>> On Mon, Mar 21, 2016 at 8:28 AM, Vlad Grigorescu <vladg at illinois.edu>
>> wrote:
>>
>>> Unfortunately, there is no way to implement lower level protocols with
>>> BinPAC quickstart right now. Similarly, we don't have any examples of a
>>> BinPAC lower-level analyzer if you were to do it manually.
>>>
>>> If you are able to get it working, I'd certainly be interested in how
>>> you did it, and would look at adding it to binpac_quickstart.
>>>
>>>   --Vlad
>>>
>>> pratik inamdar <pratikinamdar at gmail.com> writes:
>>>
>>>> Hi,
>>>>
>>>> In my project, I am integrating a WiFi protocol analyzer with bro to parse
>>>> and monitor WiFi packets header information.
>>>>
>>>> I am using BinPac to generate template for the WiFi protocol analyzer in
>>>> the src/analyzer/protocol directory.
>>>>
>>>> As per my knowledge WiFi(802.11) is not a TCP type of protocol. So I wish
>>>> to know what should I use instead of the option "--tcp" while using the
>>>> command:
>>>>
>>>> python start.py WiFi "WiFi Protocol" ../bro --tcp
>>>>
>>>> Any help will be really appreciated!
>>>>
>>>> --
>>>>
>>>> Thanks & Regards.
>>>>
>>>> Pratik Inamdar
>>>> _______________________________________________
>>>> Bro mailing list
>>>> bro at bro-ids.org
>>>> http://mailman.ICSI.Berkeley.EDU/mailman/listinfo/bro
>>>>
>>>
>>>
>>
>>
>> --
>>
>> Thanks & Regards.
>>
>> Pratik Inamdar
>>
>